Holes in the hole. Vulnerabilities in Pi-hole allow to seize control over Raspberry Pi

Three severe vulnerabilities have been recently discovered in Pi-hole, a popular app that blocks advertisement and unwanted scripts. Two of these vulnerabilities result in remote command execution, while the third one allows to escalate your privileges to root. Let’s examine the origin of these bugs and concurrently find out how to detect vulnerabilities in PHP code and Bash scripts.
Read full article →

Duck tales. How to create a wireless analogue of Rubber Ducky

Hackers and pentesters consider BadUSB an efficient attack vector; it emulates the keyboard and performs operations on the attacked computer under the disguise of user input. Such attacks are very difficult-to-detect because neither the OS nor antiviruses suspect the keyboard of any wrongdoing. Today, I will show how to create your own BadUSB tool – a wireless device looking like a memory stick.
Read full article →

ZetaSDR: Assembling a software defined radio with your own hands

SDR (software defined radio) is a radio communication system that uses software to convert radio signals into digital code. This provides tremendous possibilities for the analysis of radio signals, and plenty of SDRs are currently available on the market. In this article, I will explain how SDR operates and will show how to create a radio receiver with your own hands. Concurrently, I will do my best to minimize the loads of math required to understand the topic.
Read full article →

Useless Crap? No, not nearly! Advance your binary exploitation skills by solving a sophisticated CTF challenge

PWN challenges are my favorite tasks at CTF contests. Such tasks effectively train you in real-life code analysis, while their write-ups usually describe all fine details, even those already addressed by other authors. Today, I will explain how to solve a task named “Useless Crap” by its author (it’s available on TG:HACK 2020). The author estimates its difficulty as hard. The task is very challenging indeed, and it took me almost twelve hours to complete it at the contest.
Read full article →