Collaborate Disseminate
I’m learning how to exploit a tiny web server based on a well written post here: https://blog.coffinsec.com/2017/11/10/tiny-web-server-buffer-overflow-discovery-and-poc.html
I am very close to successfully exploiting it, but I am stuck on … Continue reading How to properly pack address into bytes to overwrite EIP register
What’s the recommendation for an organisation with admins who administer multiple environments?
For example, we have the same administrator with privileged access to different Microsoft Entra Id tenancies – tenantA, tenantB and tenantC. Cu… Continue reading Recommendations for admins who administer multiple environments
I’ve been locked out of my personal files for years. They are in a DMG that are protected by a 256 bit encryption. I’ve run the password hash with a custom word list of what I think are partial words, phrases, and numbers I used are with J… Continue reading Need help cracking Apple DMG password with 256 bit AES encryption. likely know many characters of the password. Will Pay $$
A piece of python code at work was designed to run a few .ps1 scripts on remote machines to test for weak spots, using impacket.
The flow is –
We use impacket’s SMBConnection to upload .bat and .ps1 files to the remote machine.
impacket … Continue reading Powershell execution policy’s effect on remote processes
My ex has been creating fake email accounts and phone numbers and harassing me for over a year with all tactics possible- contacting my job to get me fired/spreading lies, insulting my family and friends on the deepest level possible, thre… Continue reading Stalking and Harassment Help Needed [closed]
Please let me present you with a hypothetical scenario. A journalist is targeted by hackers. Said journalist is very careful with email attachments and will not click on them. However, surfing the web is full of risks. I have two questions… Continue reading How easy is it to inject malware into websites?
I’m in court with evidence my ex is saying the messages in my evidence are from her email address but wasn’t her but me sending myself 6 days of conversations. Daying I had access. I didnt. I need to prove it was from her house. Basically … Continue reading Need to prove my ex ipaddress was th 1 logged into her email account when she sent me emails. Its for my court defense. She saying was me sent 2myself
I have a need to whitelist two sets of 0/23 IPs (which could amount to approx 1200 IPs) along with 10,000-20,000 ports (UDP). We have historically never done it and feel very uncomfortable doing so.
Is there anything we can do to feel secu… Continue reading Monitoring and ensuring good behaviour from allowed connections [closed]
I came across this scenario recently and would like to understand if there are any practical attacks against this implementation.
An RSA private key is used to "encrypt" data. The public key is included in a software component di… Continue reading Are there any practical weaknesses in RSA where the private key is used to encrypt a message (signing), without padding? [migrated]
The way I understand is that if someone wants to pretend to be John Doe by using his IP address to conduct nefarious things on the internet, it would not be possible because
traffic would only be one way
the ISP would immediately detect i… Continue reading Reasons why IP spoofing might fail