Sniffing WhatsApp

WhatsApp is a cross-platform app for phones that is used by thousands of people around the world. I've used it a couple of times, but not anymore, not since I learned that it transfers almost everything in plaintext and rarely uses HTTPS, only for changing status and in the registration process (?). I decided to [...]

Linux and File descriptors leakage

When a process opens a file, it creates a file descriptor, which can be found at /proc/PID/fd/. These file descriptors are integers assigned as follows: 0 -> stdin, 1 -> stdout, 2 -> stderr, and any extra file descriptor opened takes the next number (3, 4, etc.). The file descriptor can be a socket, [...]

zsh > bash

After using bash for many years I finally decided to move to zsh forever! It's pure amazing compared to all the shells out there. If you're searching for a nice zshrc to start with, try this: http://grml.org/zsh/. Also, this link contains a summary of some of the awesome features zsh has. Other [...]

Badchars and dealing with them

While surfing the wild internets I found a vulnerable server on the corelan.be website, which he wrote for a tutorial about exploitation on Windows. It can be found here. Anyway, I decided to take that code and write a function to uppercase the received buffer just to make it more challenging :D. The [...]

Solarftp v2.1.2 BOF MSF module

I have ported the exploit discussed in the previous post to the Metasploit Framework. It's more stable than the Python code for sure, and it's universal on all Windows XP due to the use of a jmp eax from sfsweb.dll, which ships with solarftp. Also, some tiny changes have been added to the skeleton of the [...]

Solarftp 2.1.2 patched or not ?

Continuing on exploit-db, I found a remote exploit on solarftp v2.1.1 PASV command POC. So I decided to give the vendor's website a visit and see if they patched this issue. They've released v2.1.2 and patched both a vulnerability in PASV and USER commands which cause a 'crash', they say. Here's the [...]

BisonFTP Server <= 3.5

I went to exploit-db and found this remote exploit on an FTP server called BisonFTP, so I decided to check it out and exploit it 'on a Windows XP SP2'. The app can be downloaded from here. Anyway, after installing the application and fuzzing it, I created this simple code to figure out what is [...]

N00k!

Since the university is starting soon, and I'll be back to studying stuff that is most probably !@#$ boring, I bought what is called a Nook, which is kind of a PDA with the E Ink monitor that stores PDF files 'to be read'. Really awesome. I've loaded it with many books related to security, social [...]

Offensive Security Certified Expert

I just got word that I have successfully passed OSCE. When I took OSCP I thought, ohh, this is a kind of a hard course, and now I look back and after the suffering with OSCE I think OSCP was a piece of cake compared to this. I'm not comparing the contents, I'm comparing the hardness of the course [...]

6th Annual Car show in Philadelphia

Some random pictures taken by me at the 6th Annual Car show in Philadelphia. I was driving around and found it by mistake, didn't know what was going on. Just parked my car and acted like one of them. Didn't even pay for the registration thing :P. Anyway, there were awesome cars, restaurants, [...]