HackMag – Page 30 – Tech magazine for cybersecurity specialists

Useless Crap? No, not nearly! Advance your binary exploitation skills by solving a sophisticated CTF challenge

Date: 29/05/2021

PWN challenges are my favorite tasks at CTF contests. Such tasks effectively train you in real-life code analysis, while their write-ups usually describe all fine details, even those already addressed by other authors. Today, I will explain how to solve a task named “Useless Crap” by its author (it’s available on TG:HACK 2020). The author estimates its difficulty as hard. The task is very challenging indeed, and it took me almost twelve hours to complete it at the contest.

Read full article →

Poisonous Python. Coding malware in Python: a locker, an encryptor, and a virus

Date: 29/05/2021

Author: Valery Linkov

Why write malware in Python? First, to learn the basics of malicious coding and, second, to practice in this programming language. After all, malware written in Python is widespread in this wild world, and many antiviruses don’t detect it.

Read full article →

Battle smartphone. How to transform your Android device into ‘hackerphone’ with Termux and Kali

Date: 29/05/2021

Author: Ghoustchat

In sci-fi movies, hackers use cellphones to compromise heavily protected networks. Up until recently, it was just a fantasy, but now this fantasy becomes a reality. In this article, I will explain how to transform your phone into a powerful hacking tool.

Read full article →

Spying penguin. Windows post-exploitation with a Linux-based VM

Date: 29/05/2021

Author: s0i37

Windows-based systems are significantly more resistant against MITM attacks in comparison with Linux-based ones. The reason is simple: Windows does not include a handy mechanism to forward transit packets. Today, I will explain how to use a minimalist Linux system running on a virtual machine as a gateway. The attack also involves bridged network interfaces that grant the guest OS full L2 access to the network segment where the compromised Windows system is located. The VM will be deployed using VirtualBox.

Read full article →

MicroB. Writing BASIC in assembler language and squeezing it into 512 bytes

Date: 30/03/2021

Author: HackMag

Want some practice in assembler? Today, I will show step-by-step how to write a BASIC interpreter and run it from the boot sector of your PC. My interpreter includes overlapping subprograms with branching recursion – otherwise, BASIC won’t fit in 512 bytes. It’s quite possible that this project becomes the most sophisticated program in your life. But after writing it by your own hands, you will be able to rightfully call yourself a hacker.

Read full article →

Android security: evolution from version 1 to version 11

Date: 25/03/2021

Author: Eugene Zobnin

For a long time, Android was known as a slow and insecure OS for losers unable to afford an iPhone. Is this still true, and was Android really so bad? Leaving aside the interface smoothness and OS capacity, I am going to briefly discuss the evolution of the worst element in Android: its security system.

Read full article →

Android SSL Pinning

Date: 17/03/2021

Author: Sergey Khariuk

Introduction

Modern requirements to mobile data processing apps designed for work with personal and financial data include secure data transfer over the Internet. SSL pinning is a mechanism used to satisfy this requirement: it enables the user to identify a server based on an SSL certificate stamp embedded into the app. This makes Man-In-the-Middle attacks almost impossible and prevents the interception of the data traffic between a client and a server.

cyberlands.io

Read full article →