Collaborate Disseminate
Let’s say that I use Chrome’s incognito mode and search for a specific term using Google Image Search without being logged into my Google Account. After Google gives me the results, I click on a certain image and then click o… Continue reading Google images – tracking used filters
I’ve been asked to help fill out a survey and one of the questions is whether a Threat Risk Assessment has been performed on a blog we’re setting up for a charity. The WordPress blog will use a free theme. It will be adminis… Continue reading Is Threat Risk Assessment the same as Threat Risk Modeling?
One tactic to evade ASLR, as we all know, is to redirect execution to a “jmp esp” instruction, which then jumps to our shellcode for execution. However, this tactic relies on ESP pointing to your shellcode; which is something… Continue reading Is it possible to manipulate a buffer overflow to get ESP pointing to my shellcode?
If you already have SHA1 hashed passwords and you’re trying to migrate to a better password hashing algorithm, is it less secure to just use PBKDF2 to hash the SHA1 hashes you already have instead of migrating users over when… Continue reading Is it insecure to use PBKDF2 on a SHA1 hashed password?
I am playing around with ssh keys with ED25519.
I have seen a couple of libraries playing with generating the public/private key pair. Another parsing the openssh private key to get the key, but the challenge I’m running into is getting th… Continue reading SSH ED25519 Key Extract pk (32 bytes)
I’m setting up an SSH key signing server, using Neflix BLESS as the base
github(dot)com/Netflix/bless.
There is a critical option for source-address to ensure that the certificate can only be used from a list of specific IP addresses, but… Continue reading SSH CertKey Signing Destination
I am interested in setting up a trigger that can unlock door locks using an iPhone. The lock and unlock mechanism is not an issue as I have an API end point for this once authorized it is more an issue around the trigger.
I have seen that… Continue reading How secure is BLE for a door lock
I’m researching memory safety vulnerabilities and noticed that in non-browser applications (for example the Linux kernel) the CVE details entries for use-after-free vulnerabilities almost always list UAFs as denial of service errors, not r… Continue reading Exploitability of Heap Vulnerabilities
I’m new to crunch and I want to generate a specific wordlist but I need the appropriate code for it. Let’s take 478, 1990, gmgm and first. I want all the combinations of these two numbers and two words without changing the or… Continue reading Generating wordlists with upper and lower case with crunch
I’m currently attempting to use ncat to bind a cmd shell in Windows for remote access in Kali Linux.
On Windows, I first run:
ncat –exec cmd.exe -vnl Port –ssl
On Kali Linux, I then run:
ncat -v WindowsIP Port –ssl