Today, we will work with the OS file system — we will learn how to navigate through directories, open and change files. Then, we’ll master the powerful spells called “regular expressions,” learn the intricacies of creating and calling functions, and finally write a simple SQL vulnerability scanner.…
Category: Coding
Python from absolute zero. Learning to work with strings, files,…
One day, Crocodile Gena and Cheburashka were asked to write an essay on the topic ’How I spent my summer.’ The problem was that the friends drank beer all summer. Gena, who can’t lie, wrote it that way, so Cheburashka had to replace some…
Python from absolute zero. Learning to code without boring books
If you think a hacker doesn’t need programming, you’re deeply mistaken! Yes, you can rock Kali Linux and use premade programs, copy code from forums, and blindly download scripts from GitHub. But your skill limit until you learn to write and understand…
Custom fabrication. Reversing D-Link router firmware
When you create custom firmware for routers, you often have to forge the signature so that your handmade microcode can be flushed using the stock web interface. To forge a signature, you must be familiar with the image validation procedure in the stock firmware. To get a general…
Serpent anatomy: Dissecting and reversing PyInstaller
Humanity has created a whole bestiary of scripting languages with low learning curves in an attempt to make the IT world accessible to imbeciles newbies who have completed a month-long course. Without question, Python is currently the king of beasts in this bestiary. The creeping reptile has entangled the entire…
ADS-B Spoofing
Modern aircraft continuously transmit telemetry to each other using the ADS-B protocol. In this article, I will explain how to create your own imaginary plane and demonstrate how data transmission works. Important: all actions described below will be performed in strict compliance with the respective…
ADS-B guide
Wherever you are, aircraft frequently pass overhead, sometimes several in a few minutes. Services like Flightradar24 provide precise real-time information about these flights using data received over the ADS-B protocol. You can also receive and decode such data; just…
Safe Python: Secure coding techniques
This article discusses an important matter every cool hacker programmer should care about: secure code. Perhaps, you think it’s boring and difficult? Not at all! Today I will share with you some of my experience and show how to write Python code you…
Hand-made cheat: Looking through walls and aiming automatically in a…
Today you will learn how to write a cheat for an online shooter. This cheat will implement such hacks as extrasensory perception (ESP) and aimbot. ESP displays player information above their heads (e.g. player’s health, name, or current weapon); while aimbot automatically…
Challenge the Keemaker! How to bypass antiviruses and inject shellcode…
Recently, I was involved with a challenging pentesting project. Using the KeeThief utility from GhostPack, I tried to extract the master password for the open-source KeePass database from the process memory. Too bad, EDR was monitoring the system and prevented me from doing this: after…
EVE-NG: Building a cyberpolygon for hacking experiments
Virtualization tools are required in many situations: testing of security utilities, personnel training in attack scenarios or network infrastructure protection, etc. Some admins reinvent the wheel by assembling fearsome combinations of virtual machines and all kinds of software. I suggest another way: set up an emulation…
Reverse shell of 237 bytes. How to reduce the executable…
Once I was asked: is it possible to write a reverse shell some 200 bytes in size? This shell should perform the following functions: change its name and PID on a regular basis, make you coffee, and hack the Pentagon… Too bad, this is most likely impossible.…
Kernel exploitation for newbies: from compilation to privilege escalation
Theory is nothing without practice. Today, I will explain the nature of Linux kernel vulnerabilities and will show how to exploit them. Get ready for an exciting journey: you will create your own Linux kernel module and use it to escalate your privileges to superuser. Then…
Bug in Laravel. Disassembling an exploit that allows RCE in…
Bad news: the Ignition library shipped with the Laravel PHP web framework contains a vulnerability. The bug enables unauthorized users to execute arbitrary code. This article examines the mistake made by the Ignition developers and discusses two exploitation methods for this vulnerability.
Digging to the bottom. Escalating privileges to root with kernel…
This article discusses one of the most sophisticated PWN topics: kernel exploitation in Linux. You are about to learn what tools are required for kernel debugging, what LKM, KGDB, IOCTL, and TTY are, and many other exciting things!
The big heap adventure. Mastering heap exploitation techniques on a…
This article covers the following topics: memory management algorithms in Linux, heap exploitation techniques, and exploitation of the Use-After-Free (UAF) vulnerability on a host where all protection mechanisms are enabled. The target machine is RopeTwo, one of the most hardcore VMs on Hack The Box.
Secrets of V8 Engine. Dissecting Chrome on a Hack The…
No, this article isn’t about motor cylinders and valves – it’s about Google V8 Engine used in Chromium and Android. Today, I will show how to hack it on RopeTwo, the most hardcore VM on Hack The Box. Concurrently, you will learn what types of data…
How to fool MSI installer: Instruction for lazy hackers
To run a program, you must install it first. But what if the installer doesn’t want to start, or even worse, refuses to install the app? In that situation, you have no choice but to hack it. Today, I will show how to do this easily, quickly,…
Long live the data! How to recover information from a…
As you are well aware, computer specialists are often asked to recover data from broken flash drives. Today, I will explain how to use TestDisk and PhotoRec for data restoration. And then I will show that all you need to recover data…
Right to root. Privilege escalation in Linux
Root privileges allow you to do whatever you want in the system: establish a foothold by creating a backdoor, inject a rootkit or a trojan, alter or delete any information, etc. Accordingly, privilege escalation is one of your primary objectives during an attack. In this article, I will…