It’s always useful to know as much about the technology stack behind a web application in order to exploit it. One simple way to get information about an application is to look at the 404 not found page. If the site hasn’t created a custom 404 page, it can be used to fingerprint the framework / language being used by the site.| 0xdf hacks stuff
Bash Pitfalls| mywiki.wooledge.org
Zipping has a website with a function to upload resumes as PDF documents in a Zip archive. I’ll abuse this by putting symlinks into the zip and reading back files from the host file system. I’ll get the source for the site and find a filter bypass that allows SQL injection in another part of the site. I’ll use that injection to write a webshell, and include it exploiting a LFI vulnerability to get execution. For root, I’ll abuse a custom binary with a malicious shared object. In Beyon...| 0xdf hacks stuff
The seven medium challenges presented challenges across the Web Security, Fun, Network Security, Forensic, Crypto, and Reverse Engineering categories. While I’m not always a fan of cryptography challenges, both day 13 and 14 were fantastic, the former having me abuse a weak hash algorithm to bypass signing requirements, and the latter having me recover an encrypted file and key from a core dump. There’s also a Bash webserver with an unquoted variable, a PCAP with a flag in the TCP source ...| 0xdf hacks stuff
