EH-Net
May 18, 2013, 03:31:50 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
  Home Help Calendar Login Register  
  Show Posts
Pages: [1]
1  Ethical Hacking Discussions and Related Certifications / Forensics / Re: Computer Forensics Comp on: November 30, 2010, 06:39:27 PM
Hi CrzyAzn. If it's a computer forensics competition, I suppose you have to deal with some kind of .pcap file. If so, just open it with Wireshark, filter only HTTP requests (http.request) and look for a request that contains the "Authorization" header line. Once you found it, you will need to decode the base64 string that follows the "basic" (on the header line) to get the credentials.

gnix

ps: Wireshark has also a http.authbasic filter which should allow you to filter every basic HTTP authentication request. However, I've never had the opportunity to test this expression.
2  Ethical Hacking Discussions and Related Certifications / Other / Re: DefCon: What I liked and didn't like on: August 04, 2010, 11:48:47 PM
I agree with H1t M0nk3y. This year we were definitely to many for the Riviera. The entire space outside of track1-5 wasn't enough for the hundreds of people changing track and often the rooms were to small to handle everybody.

In addition, most of the people were just there to drink. I saw people with beers and alcohol in the hallway, in the contest room and in the speaker rooms. Probably, most of them were more interested in alcohol and strange haircuts than security stuff.

That said. I would like to suggest few presentations very interesting (from my point of view) and very well structured and entertaining.

  • Mastering the Nmap Scripting Engine (very good speakers)
  • Insecurity Engineering of Physical Security Systems (interesting stuff)
  • Exploiting WebSphere Application Server's JSP Engine (very good speaker)
  • pyREtic - In-memory Reverse Engineering for Obfuscated Python (interesting stuff)

Unfortunately, these are the only interesting presentations that I saw at Defcon 18 and I was wondering if you have some other presentations to suggest.

gnix
3  Ethical Hacking Discussions and Related Certifications / Programming / Re: Shift Cipher in C on: September 16, 2009, 09:29:58 PM
Be careful when you use the scanf function to read a string and you don't specify the length of a string. Often, a format with %s is vulnerable to a buffer overflow attack.

gnix
4  Ethical Hacking Discussions and Related Certifications / OSWP - Offensive Security Wireless Professional / Offensive Security Wireless Professional (OSWP) Certification on: September 05, 2009, 11:54:59 AM
Hi all,

I would like to get certified in “wireless security” and I am evaluating some Wireless-Security-certifications. Did anyone get the Offensive Security’s OSWP certification? What do you think about it?

gnix
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.084 seconds with 19 queries.