Channel: 0xAli`s blog
Browsing all 22 articles

[Kippo] 40 days result

Here is the result of the attacks on my kippo honeypot. Total SSH login attempts count: 219710 Total unique passwords: 34354 Total Number of files tried to wget stuff and run it: 40 (including...




[PHP] MySQL result to JSON – For mongoDB

So today i tested mongoDB and i wanted some rows from an existing database but it had to be in JSON format so i wrote this little script to port it.   <?php set_time_limit(0);...


MySQL to MongoDB

After trying this script that i wrote yesterday [PHP] MySQL result to JSON – For mongoDB found out it’s not very useful if the MySQL result is big (like in my case) and 570MB of JSON encoded data is...


hydra windows

In this page i will try to keep an up-to-date version of hydra for windows. Compiled using cygwin. Current Version: 7.3 Last update 2012-05-23 You can download the hydra tool here hydra-7.3-windows.zip...


Hydra 7.3 windows

Hydra is a very fast network logon cracker which supports many different services. You can download the hydra tool here hydra-7.3-windows.zip You can download the source here hydra-7.3-src.tar.gz...



wordpress version finder

I was thinking about wordpress version enumeration and while the meta generator tag is very explicit but it’s not always showing since some (most?) public/custom themes don’t show that meta tag. So...


[Game] LIMBO

Hello people (And bots) i got this game “LIMBO” (and others) via the humble bundle. You can pay $1 to get the 4 games on steam, and if you pay more than average (~$7.80) you get the extra game...


“URL Cloak & Encrypt” wordpress plugin XSS vulnerability

The “URL Cloak & Encrypt” wordpress plugin is vulnerable to cross site scripting. Vulnerable code: if(strpos($url,’http://’)===false&&strpos($url,’https://’)===false) $url =...



Downloading from HTML5 youtube without addons

My friend Denis Laskov asked if that was possible. Youtube HTML5 video download without toolbars and extensions? #help — Denis Laskov (@it4sec) August 22, 2012 After a few minutes of trying (and...



Revolution: the final chapter

First of all; by “End” i don’t mean that the revolution has ended/died or whatever, but the purpose of the revolution is to end a regime and put another in place – and that in-fact has happened. Before...


Ghost in the Shellcode 2015 CTF – MTGO Writeup

Hello, world. MTGO was great, I loved that challenge, and I haven’t solved anything like that before. You are supplied with a file mtgo.py and you are supposed to exploit its crypto. It uses current...


Ghost in the Shellcode 2015 CTF – cloudfs writeup

Hello, Internet! In this challenge, You are given a cloudfs file it was an xz archive Extract it and you get cloudfs-31c938df3531611b82fddf0685784a2b67373305ec689015f193a555b756beb21 a network capture...


th3jackers 2015 CTF misc50 writeup

Introduction to Keylogging (misc50) Description: WTF ?: ^[[1;3Aload+^[[1;3Bload+^[[1;3C+here+^[[1;3D4dead <!— Hints : MetaKey , Alt key —-!> At first i thought it was some obscure format but i...



th3jackers 2015 CTF misc100 writeup

Weird Text (misc100) Description: Giv m th flg plz ! Part of the supplied file was: ______ ____________ _ _______ { _______ 1 ______________________ 3 – _____________ 3 – ____________________ ________...


th3jackers 2015 CTF crypto100 writeup

OHSHIT (crypto100) Description: Decrypt the cipher using the encryption program And attachment is supplied: challenge.7z It contains an encryption program and crypto.txt containing Name: Automated...



th3jackers 2015 CTF crypto200 writeup

The last word (crypto200) Description: Decrypt this And attachment is supplied: challenge.txt It looks hex’ish? so i try hex decoding with no luck. Then i noticed it had too many zeros? so i tried to...


[Solution] VLC not going fullscreen and showing taskbar on Linux Mint

On Linux Mint XFCE. Rarely when i double click the VLC video playing, it won’t go fully fullscreen – it occupies the whole screen except of the task bar menu. The solution is a no-brainer actually. The...



Executing bash commands without space

Hello, world. So I was in this CTF competition and my teammate (@aboul3la) found a command injection vulnerability in one of web application challenges. If you input `>file.txt` the server creates a...


How to mount NTFS partition as executable on Linux

Hello Internet. So i was trying to install a new Steam folder on a removable NTFS partition and it gave me the error. “New Steam library folder must be on a filesystem mounted with execute permissions”...


[Game Review] Bulletstorm

Bulletstorm is a 2011 first-person shooter video game made by Polish developer People Can Fly and the American company Epic Games, and is published by Electronic Arts for the PlayStation 3, Xbox 360...
