Skip to content

{ Tag Archives } Security

Basic Shellcode Analysis

Analyzing a shellcode is always instructive, it can give the penetration tester hints about what is used in it, or the penetration tester can learn about the techniques used, but he might also prevent himself to use destructive shellcodes. After a few searches on the Internet I found a pastebin page to illustrate my example. […]

Also tagged , , ,

“Hacking” Friends Hotmail’s Accounts

There are a few existing ways of hacking an hotmail account, such as brute-force, or the secrete answer/question, but today I(and friends) found another “way” of doing it (that I never heard before) Long story short : To make it work, the hacker needs to know the “save” e-mail address, and hope, this address has […]

Also tagged , , ,

Forensic Bookmark.plist from Safari

I was reading some documents on Mac Os X forensic, and I was searching how to get back the Bookmark.plist from safari to parse it and read it easily. I knew that this file is located in the following folder :

I was thinking that “plist” files where always XML documents and tried with python to […]

Also tagged , , ,

Intruded Nº4

Level four :

It looks like the second challenge, but, let’s have a closer look to the inside :

After isolation of the important instructions :

I used brake points :

Let’s have a closer look to $esp

This was the password I typed in, let’s see further

Seems […]

Also tagged , ,

Intruded Nº3

Let’s connect to the server :

Let’s directly go to the Wargame folder

Multiple small program, let’s try them all :

It looks like we have to use ./prog we have to read /home/level4/.passwd … and ./prog is reading the file /tmp/file.log and printing the content … so let’s link both

[…]

Also tagged , , ,

Intruded nº2

Now that we succeeded the first level, let’s go for the second one. Once connected to the second level you see this :

let’s see the available files and directories :

Let’s explore a bit further :

and a bit further

Finally, a wargame folder

Let’s run the small program […]

Also tagged , , , ,

Intruded nº1

Today I tried the Intruded Leviathan wargame. This resolves the first challenge :   open a terminal type “ssh level1@leviathan.intruded.net -p 10101” type the password  leviathan Connect to the remote web server :

First thing to do, evaluate the situation with the following command :

As we can see there is a .backup […]

Also tagged , ,

UDP Flooder in C

Yesterday we where still working on some attacks on our  bench test  and we tried some exploits on IP phones that we found on the internet. Most of them where making DOS or DDOS on the phones, this means that the phones were basically freezing.  Then we made some modification to a C UDP flooder […]

Also tagged , , , , , , , , , ,

Who’s connected ?

To know who’s connected on your computer use the following commands : Commands : who : show the connected users : Linux/Mac last : show last connexion (passed ) : Linux / Mac lastb : show last connexion (failed) : Linux These files may also contain clues :

Also tagged , , , , , ,