Collaborate Disseminate
Is it possible, via MITM attacks (or other techniques), to hijack an active reverse shell that is running as root, while I am an unprivileged user?
root 2108 2107 0 13:55 ? 00:00:00 /bin/bash /usr/local/bin/run… Continue reading Is it possible to hijack an active reverse shell?
In XVWA (Xtreme Vulnerable Web Application) I presented with an PBKDF2 with sha256 and 1000 iteration as such:
<?php
function create_hash($password)
{
// format: algorithm:iterations:salt:hash
$salt = base64_en… Continue reading XVWA PBKDF2 with sha256 and 1000 iteration
How can I detect Wi-Fi login attempts? I was thinking to put an Wi-Fi interface in monitor mode and look for leaked SSIDs.
I am performing a penetration testing on an application hosted on an Ubuntu environment.
So using a path traversal vulnerability, I can download any file.
The API web application runs as root (shadow and brute-force are al… Continue reading How can I find a web application’s document root using a path traversal vulnerability?
What are the security implications of an web application that allows users to change their passwords with the current (exactly the same) password?
Continue reading Users can change their password with the same password
Is there anything that could be used as a social engineering testing methodology from any sort of organisation (example: ISO, SANS, PCI DSS etc.)
What are the security implications in disclosing the composer.lock file for a remote, public known, web application?
Continue reading Security implication of disclosing composer.lock?
In a CTF/exploitation lab, I am aware of two separate machines.
Developer machine: Windows 7 x64, as blank, as it can get (no KB patch)
Service machine: UNKNOWN
On Developer:
I have a source code file in C with a basic B… Continue reading Exploit "Blind" buffer overflow in a lab
How can I obtain all timestamps of all files ( starting”/”) on a Linux system in order to verify if a file was changed within a breach?
Is there a permanent and secure (as in integrity) way to make the entire Ubuntu system of a VPS (virtual private server) read-only to all users (including the root user)?