~/posts

Web Application Vulnerabilities TL;DR Attacks: SQL Injection (login, sesion token) Stored XSS attack CSRF Attack (form) Fixes: Query Parameterization Sanitization (replace ‘<’:’&lt’, ‘>’:’&gt’) CSRF Token Rate Limiting (disallow brute force) click me for repo link to patched-app Attacks Just the tip (basic login SQL injection) After starting up the service, we are greeted with a simple login page. One look at this login page and you can tell that this website’s TOTALLY asking for it.

CAPTCHA Does your website resemble a ghost town… for humans? Is your visitor counter mysteriously stuck on “0” despite having the most fire content on the web? Are you tired of bots feasting on your data like ravenous pigeons on a perfectly good croissant? Then fear not, frustrated friend! Because now there’s Completely Automated Public Turing test to tell Computers and Humans Apart, or what we, in the industry call CAPTCHAs – the revolutionary solution to your bot woes!

IND-CPA We should give a slightly more rigorous definition of confidentiality than ‘attacker can’t read messages’ - it’s vague especially for partial reveals of information. Thus, confidentiality is defined as ciphertext $C$ should give attacker no new info about message $M$. An experiment was made to describe this, which goes along these lines: An adversary, Eve, sends two messages $M_0$ and $M_1$ to Alice. Alice flips a coin (in bits, 0 or 1) to choose which message to encrypt and send back to Eve.

I ain’t readin allat: we break at 0x56556191 (ret from vuln) to observe behavior of eip following the suggested information-giving commands in gdb, we get the desirable esp in vuln being 0xffffcdf8 we try to craft the shell code compiling the given asm with necessary incantations fails we look for an exit one shell code in shell-storm we analyze shell code \x90 * 12 for padding \xf8\xcd\xff\xff redirecting our eip \x31\xc0\x40\x89\xc3\xcd\x80 exit one shell code we also try inserting an execve("/bin/bash") shell code (ofc from shell-storm) $$$ profit exit one shell code full:

Any decent (or old) cybersecurity expert knows about Kevin Mitnick. Famous for many of his early exploits, Mitnick is a black-hat turned white-hat hacker. Born in 1963, Mitnick’s first hack was at age 12, convincing a bus driver to tell him where he could get his own ticket puncher for “a school project”. He then looked for blank LA bus transfer tickets in dumpsters, using the punch machine to get unlimited, free rides.