Mira
sporadic attempts at cybersec.
personal channel.

files: @mira_files
playlist: @the_coding_playlist
Bug Bounty Hunting for Web Security.pdf
8.9 MB
for someone who was listening to yesterday's codenight vc, this might be a great Book for BBP

#books
@Mi_Ra_Ch
⚑9πŸ‘2
oh, hey there new amazing peeps 👋
my name is Amanuel (Mira), and I am mainly obsessed with cyber-security, but I also code in my free time. Make yourself at home 🙌
have a good Monday and a productive week :)
hey there lovely peeps 👋

#Sunday
i was reading a book on Web pentesting, and got a question for myself, should I have Kali as a primary OS or better to use virtualization? Hypervisor 1 or Hypervisor 2? i am thinking to write a mini-blog, stay tuned

@Mi_Ra_Ch
for now let us see the powerful tools when it comes to wireless attacks - Airodump, Aireplay, and Aircrack.

Airodump is used for packet capturing and monitoring wireless networks. It scans for nearby networks, collects information about them (such as BSSID, channel, encryption type), and captures packets for further analysis. Imagine Airodump as a special tool that helps you gather information from the air. It's like having a magical net that captures all the signals floating around in the air, like radio waves or Wi-Fi signals. With Airodump, you can see (not directly through eyes lmao 🤣) what's happening in the air and collect data without disturbing anything.

Aireplay. think of Aireplay as a way to send messages or signals through the air. it is used for deauthentication attacks, which force clients to disconnect from a network. deauthenticating a client means you can capture the WPA handshake when they reconnect (imagine deauthenticating peeps who are scrolling TikTok 😂).

Aircrack is a password cracking tool that uses brute force or dictionary attacks to crack WPA/WPA2 passwords. It takes the captured handshake and tries different passwords from a wordlist until it finds the correct one. Aircrack is like a secret decoder that helps you unlock hidden codes or passwords. It's like having a super smart friend who can figure out tricky puzzles for you (remember those kids who cross-check your dumbest questions 🙄)

practical usage of the tools

first you gonna need a computer with a wifi adapter that supports packet injection, and the following tools installed: Aircrack-ng suite (which includes Airodump and Aireplay), Wireshark (optional for packet analysis), and a wordlist for password cracking. then put your WiFi adapter into monitor mode:
  airmon-ng start wlan0
then use Airodump to capture WiFi traffic and identify the target network. Run:
  airodump-ng mon0
then use Aireplay to deauthenticate a client from the target network to capture the handshake. Run:
  aireplay-ng -0 2 -a [BSSID] -c [Client MAC] mon0

wait for a client to reconnect to the network, and Airodump will capture the WPA handshake.

finally use Aircrack to crack the captured handshake using a wordlist. Run:
  aircrack-ng -w [wordlist] -b [BSSID] [capture file]
If you are successful, Aircrack will display the password. If not, you gotta try a different wordlist or capture more handshakes.

#aircrack #aerodump #airplay #pentest #wirelessAttacks #kali
@Mi_Ra_Ch
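From the defender's side, the deauthentication frames described in the post above are easy to spot in a monitor-mode capture. This added example (not code from the original post) parses raw 802.11 management frames and counts deauthentications per BSSID; the function names and the sample frames are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DOT11_HDR_LEN 24   /* fc(2) dur(2) addr1(6) addr2(6) addr3(6) seq(2) */
#define FC_DEAUTH 0xC0     /* version 0, type 0 (management), subtype 12 */
struct deauth_info {
    uint8_t dst[6];        /* addr1: station being disconnected, or broadcast */
    uint8_t bssid[6];      /* addr3: network the frame claims to belong to */
    uint16_t reason;       /* reason code, little-endian on the wire */
};

/* Hypothetical helper: parse one raw 802.11 frame (no radiotap header, no FCS).
 * Returns 1 and fills *out for a deauthentication frame, otherwise 0. */
int parse_deauth(const uint8_t *f, size_t len, struct deauth_info *out)
{
    if (!f || !out || len < DOT11_HDR_LEN + 2 || f[0] != FC_DEAUTH)
        return 0;          /* short frames cannot carry a reason code */
    memcpy(out->dst, f + 4, 6);
    memcpy(out->bssid, f + 16, 6);
    out->reason = (uint16_t)(f[24] | (f[25] << 8));
    return 1;
}

/* Count deauth frames naming one BSSID within a capture window. */
size_t count_deauth(const uint8_t *const frames[], const size_t lens[],
                    size_t n, const uint8_t *bssid)
{
    struct deauth_info d;
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        if (parse_deauth(frames[i], lens[i], &d) && !memcmp(d.bssid, bssid, 6))
            hits++;
    return hits;
}

/* Constructed sample frames; the MAC addresses are made-up values. */
static const uint8_t SAMPLE_DEAUTH[26] = {
    0xC0, 0x00, 0x3A, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x10,  /* fc, dur, addr1 */
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01,                          /* addr2 */
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01, 0x50, 0x00, 0x07, 0x00   /* addr3, seq, reason 7 */
};
static const uint8_t SAMPLE_BEACON[26] = { 0x80, 0x00 };  /* beacon: not a deauth */

int main(void)
{
    const uint8_t *const frames[] = { SAMPLE_DEAUTH, SAMPLE_BEACON, SAMPLE_DEAUTH };
    const size_t lens[] = { 26, 26, 26 };
    printf("deauth frames: %zu\n", count_deauth(frames, lens, 3, SAMPLE_DEAUTH + 16));
    return 0;
}
```

A sudden burst of deauthentication frames for one BSSID is the signal to alert on; 802.11w protected management frames are the standard mitigation.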
πŸ”₯3πŸ‘1
guess when i started using telegram 😏
😁7πŸ‘1
Indeed it's important 🙃

@Mi_Ra_Ch
Forwarded from Dark horse (Fearless Soul🤴👨‍🦽)
How to Be Lucky

You make your own luck. There's a great experiment that I can't cite, but it has stuck in my mind since I was a child. They identified people as lucky and unlucky, and asked them to count the number of photographs in a newspaper. The unlucky people took a long time to count the photographs, while the lucky people took a very short time. The reason is that the unlucky people were so focused on counting the photographs that they missed the giant text that said, "Stop counting, there are 43 photographs in this newspaper."

What I took away from this experiment was the idea that it might not be the case that lucky people and unlucky people have different opportunities, but rather that their field of perception is wider. Lucky people can actually see the opportunities. A lucky person and an unlucky person might meet the same businessman, but they might talk about different things. One could be presented with or ask for an opportunity that the unlucky person doesn't even see as possible.

I often ask myself, "Okay, I'm focused on getting X, but let's not forget to read the headlines."

what do you think?
wait, Chelsea FC was worth only £1 in 1982? 👀 wth were you doing dad 🤦
I'm out for a bit. Take care, and see you soon
so yeah I'm kinda back from a 4-month break. The only thing rising faster than my anxiety about returning to posting is the dollar exchange rate. 😭 Let's hope my jokes haven't depreciated as much as the money.

tbh, it feels good to be back to posting and am ready to share all the things I've been up to (namely, reading random stuff and contemplating the meaning of life 🗿 ).

(P.S. If you see me suddenly selling off my laptop and entire wardrobe, it's not a midlife crisis, it's just me trying to stay ahead of inflation 😂)
Understanding Stack-Based Buffer Overflows in Programming

let's dive deep into one of the classic yet crucial vulnerabilities in programming – the Stack-Based Buffer Overflow. This bug has a legendary status for causing some of the most catastrophic breaches.

What is a Buffer Overflow?

Imagine you have a sequence of boxes, and each box can hold a single letter. What happens if you try to stuff in more letters than the boxes can hold? Simply, the extra letters will overflow onto adjacent spaces. In the realm of computing, these "boxes" are memory locations, and the "letters" are data bytes.

A buffer is a sequential memory block reserved to contain data. A buffer overflow occurs when the volume of data exceeds its storage capacity, leading to adjacent memory locations being overwritten. This can cause erratic program behavior, including access violations, data corruption, and crashes.

The stack is a special region of the computer's memory that stores temporary variables created by each function (including the main function). It also keeps track of function calls by storing return addresses. The stack is structured in a last-in, first-out (LIFO) manner.

In a stack-based buffer overflow scenario, the buffer is located on the stack. Typically, this kind of overflow is caused by functions like strcpy() or sprintf(), which do not perform bounds checking when copying data to a buffer. For instance, check the following code:
   #include <string.h>

   void my_function(char *input) {
       char buffer[10]; // Buffer size is 10 bytes
       strcpy(buffer, input); // No bounds checking!
       // ... more code ...
   }

the code can be exploited if input contains more than 10 characters.

How Does Overflow Work?

Here's a simplified view:
1. Function Call Initiated: When a function is called, a stack frame holding its parameters, local variables and return address is pushed onto the stack.
2. Buffer Overwritten: If a local buffer is flooded with more data than it can handle, the excess data spills over into adjacent memory. Crucially, if this overflow overwrites the return address stored on the stack, an attacker can potentially control the flow of execution.
3. Control Hijacked: By carefully crafting the overflowing content, an attacker could redirect the program's execution to malicious code.

Preventing Buffer Overflows

Mitigating buffer overflow vulnerabilities mainly involves careful programming practices:
- Bounds Checking: Always check the size of the input against the buffer's capacity.
- Safe Functions: Use safer versions of functions where possible, such as strncpy() over strcpy().
- Canaries: Some compilers insert 'canaries', special guard values placed on the stack that are checked before a function returns, so an overflow is detected before a tampered return address is used.
- Address Space Layout Randomization (ASLR): ASLR randomly rearranges the address space positions of key data areas of a process, which reduces the likelihood of a successful buffer overflow attack.

Incidents

Historically, buffer overflows have been responsible for major security incidents, including the infamous Morris Worm of 1988. Despite modern security mechanisms like DEP (Data Execution Prevention) and ASLR, buffer overflows are still found and exploited.

Concluding Thoughts

Understanding stack-based buffer overflows is about more than handling arrays or pointers in programming; it's about having a mindset that questions, 'What can go wrong?'

#TakeAByte #BufferOverflow #StackOverflow #pentest
@Mi_Ra_Ch
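The bounds-checking and safe-function advice from the post above, as an added example (not code from the original post; `copy_checked`, `my_function_checked` and `strncpy_terminates` are hypothetical names). It also shows that strncpy() on its own leaves the buffer unterminated when the input is too long, and that a 10-character input already does not fit buffer[10] once the terminating NUL is counted.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 10   /* same capacity as buffer[10] in the post */

/* Hypothetical helper: copy src into dst only if it fits with its NUL.
 * Returns 0 on success, -1 (and an empty dst) when the input is rejected. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    size_t len = 0;
    while (len < dst_size && src[len] != '\0')   /* never scans past dst_size */
        len++;
    if (len == dst_size) {                       /* no room left for the NUL */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Shows the strncpy() pitfall: the copy is bounded, but dst is left without a
 * NUL when src has BUF_SIZE or more characters. Returns 1 if terminated. */
int strncpy_terminates(const char *src)
{
    char buffer[BUF_SIZE];
    strncpy(buffer, src, sizeof buffer);
    return memchr(buffer, '\0', sizeof buffer) != NULL;
}

/* Checked form of the post's my_function(): returns the stored length,
 * or -1 when the input does not fit. */
int my_function_checked(const char *input)
{
    char buffer[BUF_SIZE];
    if (copy_checked(buffer, sizeof buffer, input) != 0)
        return -1;
    return (int)strlen(buffer);
}

int main(void)
{
    printf("9 chars:  %d\n", my_function_checked("123456789"));
    printf("10 chars: %d\n", my_function_checked("1234567890"));
    printf("strncpy terminated: %d\n", strncpy_terminates("1234567890"));
    return 0;
}
```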
he decided to lose himself in the archery range instead of the music 😅
Winlator is an Android application that allows you to run Windows applications using Wine and Box86/Box64

[GitHub link]

#apps #android
@Mi_Ra_Ch