When importing my sitemanager.xml from my windows filezilla to my linux box i discovered that the passwords in it are store in base64 encoding completely unencrypted. This is sucks, because i use a master password to, what i thought, encrypt my passwords with it. So what is the master password for? Etablishing a wrong sense … Read morefilezilla stores passwords in (almost) plain text
https://www.vulnhub.com/entry/hackinos-1,295/ running sparta gave me port 22 and 8000, on 8000 i found a defunct wordpress. which pointed to localhost, that could be fixed with locally assigning localhost to the vm’s network ip. i also found that Handsome_Container was a valid wordpress username. i started bruteforcing it with burp suite. nikto revealed some interesting infos: … Read morevulnhub hackingOS writeup
His next years panel is also cool https://youtu.be/AayXf5aRFTI
Browsing Reddit I stumbled upon an article about Kevin Mitnick and what he’s doing nowadays. Since I’m still remembering the websites wearing orange free Kevin banners back in the days, I was pretty curious. Its awesome to see that he runs a very successful cybersec company. “Mitnick said he initially became a computer hacker because … Read moreMagery
Da ich häufig zum testen neuer server umgebungen ein frisches Debian benötige, aber auf die schnelle keine Virtual Box Aplliances finden konnte, habe ich mal eines gemacht. Es basiert auf der offiziellen Debian 9.6. Netinstall (https://www.debian.org/CD/netinst/#netinst-stable) und es sind lediglich die standard Systemwerkzeuge und ssh server intalliert. Frisch installiert, keinerlei Änderungen. root:password Download: http://imap.cf/debian-9.6_mini.ova
was quite a fun and my first ctf event. i had much rl stuff goin on during the 2 days, might have been better when i had more time. im looking forward to see some writeups for the ones i tried and didnt solve. http://utctf.live
This is a quick writeup of the challenge https://immersivelabs.online/labs/cyber-warrior-immune-hacking-group which was funny 🙂 In this warrior challenge you’ll need to follow the breadcrumbs to infiltrate an underground hacking community. You can find the community at their website, immunehackinggroup.tk – from here its all on you. i found the first flag in the source code of … Read moreimmune hacking group writeup
lasst unser Internet nicht sterben – uploadfilter verhindern! https://act.eff.org/action/germany-help-save-the-internet-from-the-copyright-directive
https://affinelayer.com/pixsrv/index.html
Regelmäßig seine Logfiles zu checken ist wichtig, ich lasse mir meine per Mail schicken. logcheck schreibt bei Security Events selbiges in das Subject, da sieht man gleich wenn was ungewöhnliches passiert. lediglich in /etc/logcheck/logcheck.conf die eigene Emailadresse eintragen und der Rest passiert mehr oder weniger von selbst.
