CVE-2015-0235 Ghost (glibc gethostbyname buffer overflow) Vulnerability is serious cause for all Linux servers. This vulnerability leveraged to execute remote and code execution on the victim Linux server. The vulnerability found By Qualys Researcher and patched in GNU. What is the cause ? The bug is in __nss_hostname_digits_dots() function of function of the GNU C Library (glibc), and location of the path is file for non-reentrant version is nss/getXXbyYY.c , which ...
Updated 01-29-2015 at 10:16 AM by [s]
Hi Guys, Introduction: You read it right. I am going to give a quick demo for the first ever drone backdoor aka Maldrone [Malware Drone] . There are over 70 nations building remotely controllable drones. Most of these drones are capable of making autonomous decisions. Countries buy drones from there neighbors. What are the possibilities that there could be a backdoor in the drone you brought. What are the possible ways you can backdoor a drone. What ...
Last week EMC2/nullcon CTF got over . Even though I really wanted to I did not have enough time to play the ctf. I was/am busy working on my "hacking Drones" research for Nullcon . http://nullcon.net/website/goa-15/sp...rahul-sasi.php Last year I was one among the top 30 finilist of EMC2 defenders league and stood 5th in the final ranking. https://www.facebook.com/photo.php?f...type=1&theater ...
Originally Posted by [s]
Here is my ekoparty video on hacking cable tv networks . DVB-C stands for "Digital Video Broadcasting - Cable" and it is the DVB European consortium standard for the broadcast transmission of digital television over cable. This system transmits an MPEG-2 or MPEG-4 family digital audio/digital video stream, using a QAM modulation with channel coding. The standard was first published by the ETSI in 1994, and subsequently became ...
When I was reluctant to post such basic post my friend forced me to write this article saying "people love basics articles also. Which you think would be known to all." So here goes nothing 1) What is RTL-SDR If you know about RTL-SDR Skip to 3rd point directly. RTL - Realtek SDR - Software Defined Radio 2) History and Discovery of RTLSDR (Source) It turns out that Antti Palosaari is perhaps not entirely ...
Originally Posted by [s] Ho Ho Ho, Xmas challenge ended. This challenge was all about of bypassing login authentication. Obviously, it was funny challenge!! And the obvious reason was password md5 hash. A footnote was there in source code. Code: <!-- We are so generous, see we provided you password hash to login :) 0e100132199235687421930375421091 if(0e100132199235687421930375421091 == md5($_GET['pass'])) { // Simple PHP CODE Logic } ...
<!-- We are so generous, see we provided you password hash to login :) 0e100132199235687421930375421091 if(0e100132199235687421930375421091 == md5($_GET['pass'])) { // Simple PHP CODE Logic }
Hesperbot DGA : Everything is Dynamically generated using GA Our next contender for DGA series is Hesperbot. It generates all strings/object-names dynamically using various "Generation Algorithms" similar to DGA. Though its DGA differs from NGA (Name generation algorithm) used for name generation for objects like filenames, foldernames, mutexes etc. But both DGA & NGA utilises same seed generator. Hesperbot's DGA is free from date/time and generates ...
Archive
Recent Comments