Coding – Page 3

Battle Linux. Best pentesting and OSINT distributions

Date: 20/11/2021

Author: Hackat and Mikhail Artyukhin

In this article, we will briefly discuss specialized Linux distributions used by pentesters and ethical hackers. The most popular such distribution is Kali, but we want to bring to your attention several other Linux systems – not only no less efficient, but even surpassing Kali in certain areas.

Read full article →

Divination by IPsec logs: A practical guide to IKE protocol

Date: 19/09/2021

Author: Daniil Baturin

IPsec was designed as a universal protocol stack for VPN – the ultimate solution rendering all alternative protocols unnecessary. However, the existence of OpenVPN, WireGuard, and many other protocols clearly indicates that the developers of IPsec failed to achieve their goal.

Read full article →

Chum Bucket. How I hacked a 20-billion corporation using a free service

Date: 19/09/2021

Author: Dead Beef

As you are likely aware, data breaches occur on a regular basis in this wild world. Each such incident is preceded by painstaking work: information collection and analysis, identification of security holes, selection of attack tools, etc. Today, I will reveal to our readers how I hacked the $20-billion TUI Group using publicly available free tools and my own wits.

Read full article →

Security hole in BIG-IP. Exploiting a new vulnerability in F5 products

Date: 06/09/2021

Author: aLLy

In July 2020, a severe vulnerability was identified in the F5 product line. The bug affects inter alia BIG-IP, an application delivery controller used by many major companies, including banks and mobile operators. The vulnerability received the highest severity index because it allows unprivileged attackers to gain full control over the target system.

Read full article →

How to reinstall Windows remotely

Date: 02/06/2021

Author: Hackcat

Remote work is the main trend of this year. It suddenly turned out that many things can be done more efficiently from home than sitting in the office. In my humble opinion, such a standard operation as OS reinstallation can be performed remotely as well. Today, I will show how to do this.

Read full article →

Holes in the hole. Vulnerabilities in Pi-hole allow to seize control over Raspberry Pi

Date: 01/06/2021

Author: aLLy

Three severe vulnerabilities have been recently discovered in Pi-hole, a popular app that blocks advertisement and unwanted scripts. Two of these vulnerabilities result in remote command execution, while the third one allows to escalate your privileges to root. Let’s examine the origin of these bugs and concurrently find out how to detect vulnerabilities in PHP code and Bash scripts.

Read full article →

Duck tales. How to create a wireless analogue of Rubber Ducky

Date: 29/05/2021

Author: Candidum

Hackers and pentesters consider BadUSB an efficient attack vector; it emulates the keyboard and performs operations on the attacked computer under the disguise of user input. Such attacks are very difficult-to-detect because neither the OS nor antiviruses suspect the keyboard of any wrongdoing. Today, I will show how to create your own BadUSB tool – a wireless device looking like a memory stick.

Read full article →