Collaborate Disseminate
I am a newbie cyber security engineer working on IoT. Today, a task is given to me. The task was making pentest to a cooker. Because of the privacy, I cannot share the brand of the cooker. The cooker has its own wifi card and connects to w… Continue reading Next movement in IoT pentest when you have restricted information
I am studying how to determine which packets carrying TLS records belong to the same TLS session (much like Wireshark does).
For a given TLS record that belongs to a specific packet(s), are we always able to determine its relation to its o… Continue reading Are TCP source and destination port numbers sufficient to determine which packets carrying TLS records belong to a specific TLS session? [closed]
I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address obfuscation, requirements to be met to receive … Continue reading How would you hide yourself whilst conducting a scan on a target network to identify open service ports?
While setting up a new VPS instance running Ubuntu, I found that I needed to set AllowTcpForwarding yes in /etc/ssh/sshd_config to achieve a remote VS Code connection. I am and will be the sole user who can log in on that instance, root lo… Continue reading Security Implications of Allowing TCP Forwarding to Use vscode-server
I am currently trying to learn the TCP session creating (3 way handshake) process in detail. I was wondering what the sequence number means and also why is the ack num for the next ACK packet always the sequence number of the previous pack… Continue reading What is sequence number and why is it used as the ACK number for the next ACK packet? [closed]
I see a lot of TCP connections in proxy logs in Splunk e.g. tcp://Google.com. I don’t understand if this is user activity or some file reaching out or some website connecting to Google.
For example: Twitter is blocked in our environment. H… Continue reading TCP connections in proxy logs in splunk [closed]
I was running MQTT broker in my pc and tried to connect to it via mqtt client in same PC. using x509 cert for mutual tls. SSL Handshake was failing with RST from server. This was happening only in my PC.
When I tried to do the same setup i… Continue reading SSL handshake failure | Client hello(success) -> Server ACK (success) -> server RST (connection closed)
When you send the following command to port 8030/tcp of ArcServer UDP, the server will respond with a Ping. Can we consider this behavior safe and without problems?
<map>
<entry>
<jdk.nashorn.internal.objects.Nat… Continue reading The server responds with a Ping from port 8030/tcp of ArcServer UDP [closed]
From what I gathered, the gist of XerXes is doing this (snippet in Python):
with socket(AF_INET, SOCK_STREAM) as s:
s.connect((host, port))
s.send(b"0")
simultaneously, i.e. the opening and closing a large number of… Continue reading Would XerXes be effective without sending anything over the connections it opens?
Please walk through how an attacker can intercept Chrome’s connection to 127.0.0.1:999, as suggested by the warning below.
This warning is consitently displayed across many versions of Chrome in many OSes.
When I click the "learn mor… Continue reading How can non-root intercept privileged loopback ports?