ScTALE – WindowsTechs.com

Detect card type (RFID, NFC, Magnetic, …) [duplicate]

Posted on June 24, 2020 by ScTALE

I would like to know how the communication between my gym card and the checking point works.
I bought an ACR122U reader, but it seems that I can’t read my card with it, the card is not recognized as something readable with that adapter.
Th… Continue reading Detect card type (RFID, NFC, Magnetic, …) [duplicate]→

Hashcat and naive-hashcat Kali Linux CPU/GPU driver issue

Posted on March 20, 2020 by ScTALE

I am trying to run hashcat and naive-hashcat in Kali linux, but I am having problems with cpu/gpu divers.
If I run hashcat i get this error:

Device #1: Not a native Intel OpenCL runtime. Expect massive speed loss.
You can use… Continue reading Hashcat and naive-hashcat Kali Linux CPU/GPU driver issue→

Aircrack pause and resume (john+crunch)

Posted on March 16, 2020 by ScTALE

I would like to pause an aircrack brute force attack and resume it later.
I found this How to continue your Aircrack-ng Bruteforce where you left off?, but the command that I am executing is the following:

crunch 10 10 -t ,%%%%%,,,, | air… Continue reading Aircrack pause and resume (john+crunch)→

SQLmap check sql burp vulnerability

Posted on March 4, 2019 by ScTALE

Burp suggests me that an application has an SQL injection point.
First request:

GET /restrict/menuApc.do?MVPG=ApcAssistitoTSRicercaPre&ASSISTITO_ID=*SRVZOSA40002294’&s_ELIMINATI=1&s_TIPO_ASSISTITO=&s_ASSISTIT… Continue reading SQLmap check sql burp vulnerability→

Netcat script for testing HTTP methods with HTTPS [migrated]

Posted on February 14, 2019 by ScTALE

I use this script to test which methods are enabled in a server:

#!/bin/bash

for webservmethod in GET POST PUT DELETE TRACE CONNECT OPTIONS PROPFIND COPY MOVE LOCK MKCOL;

do
printf “$webservmethod ” ;
printf “$webservmetho… Continue reading Netcat script for testing HTTP methods with HTTPS [migrated]→

SQLmap different response than burp

Posted on February 8, 2019 by ScTALE

This is my GET request, inside a get_request.txt file:

GET /sa4apc/restrict/menuApc.do?MVPG=ApcAssistitiRicerca&s_TIPO_ASSISTITO=C&s_ELIMINATI=1&s_ASSISTITO=’giovanni&s_TIPO_SOGGETTO=1 HTTP/1.1
Host: test-san… Continue reading SQLmap different response than burp→

SQLmap after burp possible injection point

Posted on February 6, 2019 by ScTALE

Burp states that a GET request have surely a SQL injection point.

I am using python sqlmap.py -r file_with_that_request.txt –level 5 –risk 3 –dbms=oracle but the injectiont doesn’t work. Am I doing something wrong or is t… Continue reading SQLmap after burp possible injection point→

Configure burp to intercept JNLP

Posted on December 21, 2018 by ScTALE

I am monitoring a site where there is an applet. To use it, there is the download and the execution of a jnlp file. I would like to monitor the requests made from and to that file through Burp.
I read the documentation here h… Continue reading Configure burp to intercept JNLP→