Road to Pentester – INE Lab – BurpSuite

Lab Intro A local police department has hired you to pentest their website. They had a new website created by a web development company and they want to make sure that everything is secure and in order. In this lab you will practice with Burp Suite, configuring the scope of the engagement, intercepting the communications…

Road to Pentester – Lab INE – BurpSuite Basics

Lab Intro This lab focuses on how to use Burp Suite. A client provides you with a URL to a web application running on a remote server. The client wants to know if there are any sensitive resources exposed. Use Burp Suite to identify if a sensitive resource was left unprotected by developers. Intranet Subnet:…

Configure FoxyProxy to Auto Switch Proxy

Background FoxyProxy is a good extension, but the lack of keyboard shortcuts makes it somewhat troublesome. For example, I have 4 proxies: Socks, none, BurpSuite, and ZAP. Socks is for you-know-what, none means no proxy, BurpSuite and ZAP are for webapp testing (TryHackMe, HackTheBox, and the like). I often use Burp and ZAP together,…

Road to Pentester – INE Lab – Data Exfiltration

Lab Intro Intranet Subnet: 172.16.91.0/24 Under-investigation machine’s IP: 172.16.91.100 Connection Type: RDP Task 1 Connect to and scrutinize the 172.16.91.100 machine. Use the connection details documented in the Network configuration & credentials section above to connect to the 172.16.91.100 machine. Inspect the 172.16.91.100 machine for any interesting files. Identify all the available scripting languages, which…

How CRC (Cyclic Redundancy Check) Works

CRC (Cyclic Redundancy Check) I’m not gonna talk about definitions here. It has been well documented, well, millions of times I guess. What I’m going to talk about here is the logic behind CRC and why a certain arithmetic approach is adopted to calculate CRC. What is XOR Still not a definition. Come to think about…

Road to Pentester – INE Lab – Find the Secret Server

Lab Intro There are three networks in the lab, two of which are accessible because they are already configured in the routing table; the third one is not. The third network is marked 192.168.222.199, and all the networks reside in a /24 network. Goal Add a routing entry for the third network to make it accessible….

Dev log – Printing Assistant

Background The time was 2019, a time when I had become familiar with all the bits and bytes of how things work in our wholesale store. By the way, we do women’s fashion. I tried my best to improve the overall efficiency, making it easier for the clerks to handle different tasks. One thing caught my…

Wrong base64 Result Caused by echo

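Problem description: The original string is mcinventoryv4er9ll1!ss. Encoding it directly on the command line with echo 'mcinventoryv4er9ll1!ss' | base64 gives bWNpbnZlbnRvcnl2NGVyOWxsMSFzcwo= whereas the correct encoding should be bWNpbnZlbnRvcnl2NGVyOWxsMSFzcw== Cause: After some experimentation, the problem appears to be caused by the invisible newline character at the end of the string. It is also due to differences between echo implementations. Solution: When encoding directly on the command line, use echo -n 'mcinventoryv4er9ll1!ss' | base64 to get the correct result. Alternatively, use printf 'mcinventoryv4er9ll1!ss' | base64 to get the correct result. In addition, this article also mentions other problems caused by the quoting behind various shells. It is therefore recommended to use printf, whose behaviour is more consistent, for encoding strings.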

0x300 - Writing an Operating System from Scratch - Kernel

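Contents: Recap; Today's Goals; Installing and Introducing the Required Tools; Tool Overview; Tool Introduction; GCC; Hosted Environment; Freestanding Environment; Linker; C Compilation (gcc's temporary files); Preprocessing (Pre-processing); Compiling; Assembly; Linking; Objdump; Nasm; Ndisasm; Cross-compiler; C and Assembly; Local Variables; Conditionals; Loops; Function Calls; Pointers; Loading the Kernel; Manual Compilation; Specifying the Kernel Entry Point; The extern Directive; Makefile; Basic Rules; Special Variables; Default Target and Cleaning Up Temporary Files; Macros, Pattern Rules and Wildcards; New Code Structure; New Makefile; Debugging Kernel Code; QEMU and GDB; Summary; Reference Links. Recap: In the previous article, we discussed the following: the parameter setup required to read the hard disk; the address of data on the disk is given by CHS, and we need to write the cylinder, head and sector information into the corresponding registers…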

2020-06-10 - Progress Update

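The “Writing an Operating System from Scratch” series has reached the kernel stage. Writing has begun and I am organizing my thoughts. In this chapter, if you only look at the code, you will miss many details. I plan to start with the compilation tools and explain why the kernel stage involves a different toolchain from before; then I will discuss the relationship between C code and assembly, going from a C program that does nothing, to one with local variables, to one with function calls, to one with pointers, and using disassembly in each of these cases to learn how C and assembly relate to each other. The author of OS-From-Scratch says in the book that the best way to learn C in depth is not to start from a higher-level language such as Java or Python, but from the lower-level assembly; only then can you truly understand C's characteristics and make full use of its efficiency. In addition, I am also steadily reading Hacking – The Art of Exploitation. I chose this book by chance, but it fits very well with the operating system writing currently under way. The first two chapters of the book explain GDB, C and assembly at length, which makes it a very good complement to OS-From-Scratch. I will be travelling on Friday, so the kernel article is expected to be published next Wednesday.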