Are you over 18 and want to see adult content?
More Annotations
![A complete backup of utdailybeacon.com](https://www.archivebay.com/archive5/images/d5430f54-04c8-44e0-89f5-10fb1373300a.png)
A complete backup of utdailybeacon.com
Are you over 18 and want to see adult content?
![A complete backup of arubadesigns.com](https://www.archivebay.com/archive5/images/dec07c50-f669-4232-bf57-0f8aa008aff6.png)
A complete backup of arubadesigns.com
Are you over 18 and want to see adult content?
![A complete backup of lotus-europa.com](https://www.archivebay.com/archive5/images/49064469-c462-4a64-bc4c-b6cf90232568.png)
A complete backup of lotus-europa.com
Are you over 18 and want to see adult content?
![A complete backup of timmendorfer-strand.de](https://www.archivebay.com/archive5/images/74f5f18b-5add-4371-af79-b7afac3bb0f3.png)
A complete backup of timmendorfer-strand.de
Are you over 18 and want to see adult content?
![A complete backup of ancientharvest.com](https://www.archivebay.com/archive5/images/3d851162-d940-4761-8f98-e060908dfdda.png)
A complete backup of ancientharvest.com
Are you over 18 and want to see adult content?
Favourite Annotations
![A complete backup of whiteessence.com](https://www.archivebay.com/archive2/ee1ffbb6-8a0d-4e05-b494-8b6724877cb6.png)
A complete backup of whiteessence.com
Are you over 18 and want to see adult content?
![A complete backup of loriesmississippikitchen.com](https://www.archivebay.com/archive2/8a0cf6da-63af-4589-a79c-541f31998477.png)
A complete backup of loriesmississippikitchen.com
Are you over 18 and want to see adult content?
![A complete backup of magnumtvonline.com](https://www.archivebay.com/archive2/91096b8a-578f-4da3-823b-1292e5202bc0.png)
A complete backup of magnumtvonline.com
Are you over 18 and want to see adult content?
![A complete backup of 21flavorsofsplendor.com](https://www.archivebay.com/archive2/0d28753e-9465-49a6-984d-67824eb37d73.png)
A complete backup of 21flavorsofsplendor.com
Are you over 18 and want to see adult content?
![A complete backup of wilpenapound.com.au](https://www.archivebay.com/archive2/cd26cf8d-e56c-4742-be4c-99013ee069c7.png)
A complete backup of wilpenapound.com.au
Are you over 18 and want to see adult content?
![A complete backup of nessquadkoforti.cf](https://www.archivebay.com/archive2/99661b75-5997-410a-938e-1b0b03676622.png)
A complete backup of nessquadkoforti.cf
Are you over 18 and want to see adult content?
Text
EVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way.POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way.POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened ANALYZING HP THINPRO FIRMWARE Today I got my hands on a HP t510 Thinclient and wanted to analyze the OS and running services (apparently it’s running Ubuntu 10.04.4 LTS). Here is my solution to run the Firmware in a VMware Infrastructure, or simply mount the image for browsing. First you need to download the ThinPro Firmware for your Thinclient model from HP’sDownloadcenter.
POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: DICK DASTARDLY WRITEUP New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino.ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way.POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way.POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened ANALYZING HP THINPRO FIRMWARE Today I got my hands on a HP t510 Thinclient and wanted to analyze the OS and running services (apparently it’s running Ubuntu 10.04.4 LTS). Here is my solution to run the Firmware in a VMware Infrastructure, or simply mount the image for browsing. First you need to download the ThinPro Firmware for your Thinclient model from HP’sDownloadcenter.
POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: DICK DASTARDLY WRITEUP New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino.ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser.POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges:ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges:ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges: FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container using USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened VULNHUB - HACKDAY: ALBANIA WRITEUP - FIREFART I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.. At first I imported the VM into VirtualBox, did a quick netdiscover in kali to get the IP address and fired up nmap:. root@kali:~# nmap -sS -T4 -A -p- 192.168.56.101 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-24 10:12 CET Nmap scan HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. VULNHUB - DC416: BASEMENT WRITEUP - FIREFART Basement is the first of 4 VMs from the DC416 CTF by @barrebas on Vulnhub.There are 5 flags on this machine but I was only able to get 4 of them. Here are my other writeups for the DC416 challenges:ABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575POSTS - FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser. FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress PluginABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575 MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on. VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin FIREFARTABOUT MERHME2DC416HOW TO INSTALL WORDPRESSHACKDAYUPC UBEEEVW3226 FAIL
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. HOW TO RUN CRON JOBS WITH DOCKER The cron daemon parameters in use are:-f: The cron daemon will run in the foreground.This way docker is able to monitor the process.-d 8: This instructs the daemon to log to stderr with the default log level 8.Without this flag messages are only written to syslog and you can’t access them via the logs command.; Using this method of cron involves monitoring the logs of the container usingABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
USING THE MYSQL SERVICE WITH GITHUB ACTIONS With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions. The Ubuntu image already contains a preconfigured MySQL server but if you want to use a specific or newer version or even a RHME2 - SOLVING THE WHAC THE MOLE CHALLENGE - FIREFART Note: If you want to flash it to an Arduino UNO you need to adjust the baud rate in the command to 115200. The first thing to check is if there is anything being sent via the serial interface. We could just bruteforce the baudrate used by the firmware but as we already need an oscilloscope for this challenge let’s go the l33t way. ANALYZING HP THINPRO FIRMWARE To start the conversion run the following command: qemu-img convert -f raw -O vmdk T6X43101.dd thinpro.vmdk. Next create an empty Virtual Machine, select existing Harddisk and use the converted thinpro.vmdk image. If you get a prompt to convert this image to a newer version of VMware, select yes. Now you can boot and configure your very own TURNING PIWIK SUPERUSER CREDENTIALS INTO REMOTE CODE EXECUTION After you activate the plugin the payload will be executed effectively turning the superuser credentials into remote code execution. As I like to automate the boring stuff I also wrote a Metasploit module to easily pwn Piwik installations. Because the payload fires on install and the files are automatically removed once the session is opened UPC UBEE EVW3226 FAIL Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.. First I tried to identify some debug pins on the board and found multiple possible UART connectors. I connected my Buspirate to the first UART and got a login shell protected by a VULNHUB - DC416: FORTRESS WRITEUP - FIREFART Fortress is the last of 4 DC416 VMs by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Dick Dastardly; information gathering. A nmap scan of the machine reveals a FreeBSD server with a webserver present. SQL-INJECTION AND XSS IN ALL-IN-ONE-EVENT-CALENDAR SQL-Injection and XSS in All-in-one-event-calendar Wordpress PluginABOUT - FIREFART
FireFart that austrian security guy . Twitter Github 10 Jan 2011,22:52 about
FIREFART
In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. Read more HOW TO INSTALL WORDPRESS Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. ANALYZING HP THINPRO FIRMWARE DECIMAL HEX DESCRIPTION ----- 32256 0x7E00 Linux EXT filesystem, rev 1.0 ext3 filesystem data, UUID=c0cba688-cc23-404f-a7fb-d67fde13de13, volume name "ROOT" 1606144 0x188200 Squashfs filesystem, little endian, version 4.0, compression: gzip, size: 462368156 bytes, 33965 inodes, blocksize: 131072 bytes, created: Thu Mar 28 01:57:34 2013 644937077 0x2670F575 MULTIPLE VULNERABILITIES IN IONCUBE LOADER-WIZARD In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php. After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.. The software compiles your php code into custom bytecode and performs some obfuscation on variable names, class names and so on. VULNHUB - DC416: BAFFLE WRITEUP - FIREFART After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffle by @superkojiman.. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Dick Dastardly; DC416 Fortress; Information Gathering. As always I started with a netdiscover to get the machines IP-Address and viewed the instructions on Port 80 in a browser.FIREFART
RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.. All you need is an Arduino (or Arduino compatible) board with an atmega328p chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. VULNHUB - DC416: DICK DASTARDLY WRITEUP - FIREFART New evening, new VM: DC416 Dick Dastardly by the famous @_RastaMouse. Here are my other writeups for the DC416 challenges: DC416 Basement; DC416 Baffle; DC416 Fortress; information gathering. As every DC416 VM there is an information page hosted on port 80 with informations aboutit:
FIREFART
THAT AUSTRIAN SECURITY GUY* __ Twitter
* __ Github
* __ about me
* __ rss
27 NOV 2019, 08:00
Using the MySQL Service with Github Actions With the newly introduced Github Actions it’s now possible to run your unit tests and other automation tasks automatically on Githubs infrastructure based on events. This is a short blog post describing how to use the MySQL / MariaDB services with Github Actions.Read more
06 NOV 2017, 00:30
How to run cron jobs with docker Lately I came across the problem of running cron jobs in a docker based environment when we migrated wpvulndb.com to a docker based install. So how should we execute cron jobs when the application is running with docker or docker-compose?Read more
30 MAY 2017, 20:00
rhme2 - Solving the whac the mole challenge RHme2 (Riscure Hack me 2) was a hardware based CTF challenge started back in 2016. Although it’s already over you can download the challenges from their Github page.
All you need is an Arduino (or Arduino compatible) board with an _atmega328p_ chip (Arduino UNO or Arduino Nano). In this post we will solve this challenge by brute forcing it using a second Arduino. Stuff needed to solve this challenge: * an Arduino Nano or UNO* a second Arduino
* an oscilloscope
Read more
07 FEB 2017, 23:30
Turning Piwik Superuser Credentials into Remote Code Execution On a recent pentest I got root access to a MySQL database hosting a PHP web application and also an instance of Piwik . I was able to extract the credentials from the database and crack them really fast because they were only hashed using MD5. It looks like Piwik introduced stronger hashes in Piwik 3 but luckily this target is still running version 2. EDIT: _Piwik now disabled custom plugin uploads by default in 3.0.3 (Changelog ). You have to manually enable it in the config (See FAQ ) so this removes a lot attack surface from existing installs._Read more
13 JAN 2017, 23:45
Vulnhub - DC416: Fortress Writeup Fortress is the last of 4 DC416 VMs by @superkojiman .Read more
10 JAN 2017, 23:00
Vulnhub - DC416: Dick Dastardly Writeup New evening, new VM: DC416 Dick Dastardlyby the famous
@_RastaMouse .
Read more
02 JAN 2017, 22:00
Vulnhub - DC416: Baffle Writeup After I finished DC416 - Basement I wanted to give the next VM a try: DC416 - baffleby @superkojiman
.
Read more
18 DEC 2016, 01:00
Vulnhub - DC416: Basement Writeup Basement is the first of 4 VMs from the DC416 CTF by @barrebason Vulnhub
. There are 5 flags on this machine but I was only able to get 4 of them.Read more
24 NOV 2016, 18:45
Vulnhub - HackDay: Albania Writeup I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albaniafrom @R-73eN
.
Read more
17 JAN 2016, 12:45
UPC Ubee EVW3226 Fail Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a UBEE EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.Read more
Page 1 of 2 Older __ * Copyright by Christian Mehlmauer * source code available on GithubDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0