How to find a vulnerable server on the internet?

NOTICE: Educational purposes only! Hi, I want to show you how easy it is to find a vulnerable server on the internet. Okay guys, first we need a Tor client for anonymity ;) Before we begin, look at the following tools: tor, nyx, proxychains-ng, shodan, curl, nmap.

    $ tor &
    $ nyx -i 127.0.0.1:9052

Then we can test whether Tor is working correctly with proxychains...

January 24, 2020 · 3 min · Matus Bursa

OSCE Prologue or How to get Secret key to CTP?

If you want to register for CTP, you will need what they call a Registration Code and a Secret Key. First, there is an interesting file, /fc4.js:

    function fc4me(srvstr) {
        if (!document.pleazfc4me.email.value || !document.pleazfc4me.securitystring.value) {
            alert("Please fill in all the required fields!");
            return false;
        }
        if (document.pleazfc4me.securitystring.value != hexMD5("\x74\x72\x79\x68\x61\x72\x64\x65\x72" + srvstr)) {
            alert("Registration Authorization String not accepted! Try Harder! ");
            return false;
        } else {
            document.pleazfc4me.submit();
        }
    }

So all you need to do is set up some JS variables in the browser console and call fc4me(srvstr)...

January 22, 2020 · 3 min · Matus Bursa

Notes from #34c3

moongen

nmap-vulners is a great script for automatically finding possible issues in services on open ports. It partly replaces Nessus, but it's open source. It uses the Vulners database to find possible vulnerabilities. Vulners is also a great tool, because it lets you check all your installed packages. You can find it in the audit section.

taskwarrior, Shamir secret sharing, restic, khal

January 10, 2018 · 1 min · Matus Bursa

.grsec patch size_overflow

I think you surely know the Linux kernel patches from grsecurity. In the following tweet you can read about a size overflow in a patch from grsec. The tweet has since been deleted. So what is the problem in this patch? When you change an int (signed value) to a size_t (unsigned value), you have to be sure you are storing an unsigned value.

    room = N_TTY_BUF_SIZE - (ldata->read_head - tail);

And what happens when the right side has a negative value?...

April 29, 2016 · 1 min · Matus Bursa

.prielom #1

prielom #1, 6.1.98, prielom(at)hysteria.sk, http://hysteria.sk/prielom/

intro

The Christmas carp was great, wasn't it? When I was stuffing fried carp into my head on Christmas Eve, the atmosphere was still fine, but when I then had to watch the spontaneously drooling grandma, the schizoid aunt and the drunk uncle during the post-Christmas family visits, and then go back to work after the New Year, the mood was gone....

January 6, 1998 · 9 min · hysteria.sk