Modern aircraft continuously transmit telemetry to each other using the ADS-B protocol. In this article, I will explain how to create your own imaginary plane and demonstrate how data transmission works. Important: all actions described below will be performed in strict compliance with the respective…
CONTINUE READING 🡒 Category: Coding
ADS-B guide
Wherever you are, aircraft frequently pass overhead; sometimes several ones in a few minutes. Services like Flightradar24 provide precise real-time information about these flights using data received over the ADS-B protocol. You can also receive and decode such data; just…
CONTINUE READING 🡒 Safe Python: Secure coding techniques
This article discusses an important matter every cool hacker programmer should care about: secure code. Perhaps, you think it’s boring and difficult? Not at all! Today I will share with you some of my experience and show how to write Python code you…
CONTINUE READING 🡒 Hand-made cheat: Looking through walls and aiming automatically in a…
Today you will learn how to write a cheat for an online shooter. This cheat will implement such hacks as extrasensory perception (ESP) and aimbot. ESP displays player information above their heads (e.g. player’s health, name, or current weapon); while aimbot automatically…
CONTINUE READING 🡒 Challenge the Keemaker! How to bypass antiviruses and inject shellcode…
Recently, I was involved with a challenging pentesting project. Using the KeeThief utility from GhostPack, I tried to extract the master password for the open-source KeePass database from the process memory. Too bad, EDR was monitoring the system and prevented me from doing this: after…
CONTINUE READING 🡒 EVE-NG: Building a cyberpolygon for hacking experiments
Virtualization tools are required in many situations: testing of security utilities, personnel training in attack scenarios or network infrastructure protection, etc. Some admins reinvent the wheel by assembling fearsome combinations of virtual machines and all kinds of software. I suggest another way: set up an emulation…
CONTINUE READING 🡒 Reverse shell of 237 bytes. How to reduce the executable…
Once I was asked: is it possible to write a reverse shell some 200 bytes in size? This shell should perform the following functions: change its name and PID on a regular basis, make you coffee, and hack the Pentagon… Too bad, this is most likely impossible.…
CONTINUE READING 🡒 Kernel exploitation for newbies: from compilation to privilege escalation
Theory is nothing without practice. Today, I will explain the nature of Linux kernel vulnerabilities and will shown how to exploit them. Get ready for an exciting journey: you will create your own Linux kernel module and use it to escalate your privileges to superuser. Then…
CONTINUE READING 🡒 Bug in Laravel. Disassembling an exploit that allows RCE in…
Bad news: the Ignition library shipped with the Laravel PHP web framework contains a vulnerability. The bug enables unauthorized users to execute arbitrary code. This article examines the mistake made by the Ignition developers and discusses two exploitation methods for this vulnerability.
CONTINUE READING 🡒 Digging to the bottom. Escalating privileges to root with kernel…
This article discusses one of the most sophisticated PWN topics: kernel exploitation in Linux. You are about to learn what tools are required for kernel debugging, what are LKM, KGDB, IOCTL, and TTY, and many other exciting things!
CONTINUE READING 🡒 The big heap adventure. Mastering heap exploitation techniques on a…
This article covers the following topics: memory management algorithms in Linux, heap exploitation techniques, and exploitation of the Use-After-Free (UAF) vulnerability on a host where all protection mechanisms are enabled. The target machine is RopeTwo, one of the most hardcore VMs on Hack The Box.
CONTINUE READING 🡒 Secrets of V8 Engine. Dissecting Chrome on a Hack The…
No, this article isn’t about motor cylinders and valves – it’s about Google V8 Engine used in Chromium and Android. Today, I will show how to hack it on RopeTwo, the most hardcore VM on Hack The Box. Concurrently, you will learn what types of data…
CONTINUE READING 🡒 How to fool MSI installer: Instruction for lazy hackers
To run a program, you must install it first. But what if the installer doesn’t want to start, or even worse, refuses to install the app? In that situation, you have no choice but to hack it. Today, I will show how to do this easily, quickly,…
CONTINUE READING 🡒 Long live the data! How to recover information from a…
As you are well aware, computer specialists are often asked to recover data from broken flash drives. Today, I will explain how to use TestDisk and PhotoRec for data restoration. And then I will show that all you need to recover data…
CONTINUE READING 🡒 Right to root. Privilege escalation in Linux
Root privileges allow you to do whatever you want in the system: establish a foothold by creating a backdoor, inject a rootkit or a trojan, alter or delete any information, etc. Accordingly, privilege escalation is one of your primary objectives during an attack. In this article, I will…
CONTINUE READING 🡒 OSCP exam and how to pass it
Every information security specialist is aware of OSCP certification. It takes plenty of time to prepare to this exam, then it takes a whole day to take it, and then you produce a write-up describing your experience. Those willing to take the OSCP exam post tons of questions in Twitter,…
CONTINUE READING 🡒 Battle Linux. Best pentesting and OSINT distributions
In this article, we will briefly discuss specialized Linux distributions used by pentesters and ethical hackers. The most popular such distribution is Kali, but we want to bring to your attention several other Linux systems – not only no less efficient, but even…
CONTINUE READING 🡒 Divination by IPsec logs: A practical guide to IKE protocol
IPsec was designed as a universal protocol stack for VPN – the ultimate solution rendering all alternative protocols unnecessary. However, the existence of OpenVPN, WireGuard, and many other protocols clearly indicates that the developers of IPsec failed to achieve their goal.
CONTINUE READING 🡒 Chum Bucket. How I hacked a 20-billion corporation using a…
As you are likely aware, data breaches occur on a regular basis in this wild world. Each such incident is preceded by painstaking work: information collection and analysis, identification of security holes, selection of attack tools, etc. Today, I will reveal to our readers…
CONTINUE READING 🡒 Security hole in BIG-IP. Exploiting a new vulnerability in F5…
In July 2020, a severe vulnerability was identified in the F5 product line. The bug affects inter alia BIG-IP, an application delivery controller used by many major companies, including banks and mobile operators. The vulnerability received the highest severity index because it allows unprivileged…
CONTINUE READING 🡒