Henry864

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #54164
      Henry864
      Participant

      We already discussed the basics of the Padding Oracle Attack in a previous video. In this video, we will look at a proof of concept on an ASP.NET application.

      This proof-of-concept exploit performs a Padding Oracle attack against a simple ASP.NET application (it can be any application) to download a file from the remote Web Server. In this example the proof-of-concept exploit downloads the Web.config file.

    • #54193
      Henry864
      Participant

      “SQL Injection” is a subset of the unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.

      We’ll note that this was a somewhat winding road with more than one wrong turn, and others with more experience will certainly have different — and better — approaches. But the fact that we were successful does suggest that we were not entirely misguided.

      There have been other papers on SQL injection, including some that are much more detailed, but this one shows the rationale of discovery as much as the process of exploitation.

    • #52355
      Henry864
      Participant

      PentesterLab is an easy and straightforward way to learn the basics of penetration testing. It provides vulnerable systems in a virtual image, and accompanying exercises that can be used to test and understand vulnerabilities.

    • #54268
      Henry864
      Participant

      If you need to change the URL of a page as it is shown in search engine results, we recommend that you use a server-side 301 redirect. This is the best way to ensure that users and search engines are directed to the correct page. The 301 status code means that a page has permanently moved to a new location.

      301 redirects are particularly useful in the following circumstances:

      You’ve moved your site to a new domain, and you want to make the transition as seamless as possible.
      People access your site through several different URLs. If, for example, your home page can be reached in multiple ways – it’s a good idea to pick one of those URLs as your preferred (canonical) destination, and use 301 redirects to send traffic from the other URLs to your preferred URL. You can also use Search Console to set your preferred domain.
      You’re merging two websites and want to make sure that links to outdated URLs are redirected to the correct pages.

      To implement a 301 redirect for websites that are hosted on servers running Apache, you’ll need access to your server’s .htaccess file. (If you’re not sure about your access or your server software, check with your webhoster.) For more information, consult the Apache .htaccess Tutorial and the Apache URL Rewriting Guide. If your site is hosted on a server running other software, check with your hoster for more details.

    • #54168
      Henry864
      Participant

      For some time, Apache and Microsoft have commanded the lion’s share of the Web server market. While Apache is the clear-cut winner in the Netcraft and Security Space monthly surveys, Internet Information Server dominates among Fortune 1000 enterprises.
      SWatch Reader Favorite! IIS and Apache are the two most widely deployed Web servers. Not surprisingly, each has a loyal and vehement following. This tutorial goes beyond the noise to compare execution environments, dynamic components, security and authentication, performance, and reliability.

      Both are viable choices, and each carries its own set of pros and cons.

      With Apache 2.0 in production release since mid-2002 and IIS 6.0 shipping since earlier this year, we’ve decided the time has come to run a feature-by-feature comparison of the two servers to help readers better determine which server suits their needs.

    • #54033
      Henry864
      Participant

      When it comes to creating applications, there is a need for multiple environments to support the development process. It typically starts on the developer’s own computer, then on to an integration environment, a QA testing environment, possibly a UAT (User Acceptance Testing) environment, and then finally production. Depending on your organization, you may have some, none, or all of these different environments.

      When it comes to security, the focus is typically on the production environment. This is where the instances that all of the users use are on a daily basis. This has all the “real” data. It is where real credit card numbers or social security numbers may reside. There is a lot of effort put on securing the production environment.

    • #52657
      Henry864
      Participant

      TrustedSec is proud to announce the release of the Social-Engineer Toolkit (SET) v5.0 codename: The Wild West. This version is a culmination of six months of development, bug squashing, and user feedback. New with this version includes a completely redesigned multiprocessing web server that handles non-RFC compliant HTTP information. The built-in SET web server would on occasion crash when receiving unexpected characters. The new version of the web server is stable, and significantly faster. This version is Kali Linux compliant (FSH) where all information is now moved and removed from src/program_junk and to your ~/.set home directory.

      In addition to FSH structuring of SET, we have also added some significant performance and stability updates. For example, traditionally if you launched an attack, you would have to exit out of SET completely then relaunch. The dynamic importing has now changed to fix this and improve the ability to reuse modules.

    • #53775
      Henry864
      Participant

      Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

      BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.

    • #53326
      Henry864
      Participant

      It really has been a long time since I last posted. This post is more of an essay, so it may be a TL;DR for some, but hopefully there is some good information for those who wish to break into Penetration testing or at the very least something I can point people to next time I’m asked.

      As I’m sure is the experience of other Penetration Testers, I’m often asked (or see slapped across LinkedIn Forums) by a whole range of people “How do I break into Penetration testing?” or the like. The prospect of becoming a ‘professional hacker’ is all too enticing for graduates, IT professionals and even Information Security bods in other functional areas alike. Having answered this question and posed many a question in rebuttal, I decided to formalise my experiences, musings and advice into a single blog post. I hope it helps.

    • #53294
      Henry864
      Participant

      Introducing the Offensive Security Penetration Testing Labs (OSPTL), a safe virtual network environment designed to be attacked and penetrated as a means of learning and sharpening your pen testing skills. The OSPTL was created using our years of experience running the Offensive Security Training Labs, as well as the large number of pen tests we have conducted over the years. This allows us to mirror interesting scenarios and introduce them into our hosted virtual labs. The virtual labs network is rife with both public and private vulnerabilities, each designed to deliver a specific educational experience to attacking participants.

      Our hosted virtual labs networks are rich with various Operating Systems and attack vectors, allowing participants to utilize and hone a broad set of Offensive Security pen testing skills. Many vulnerable machines have non-standard configurations, often forcing participants to dig deep into the vulnerabilities in order to complete their task, rather than blindly using automated tools. This in turn provides for a richer and significantly more educational experience. Simply pointing existing attack tools at the targets and clicking “go” won’t work.

    • #53057
      Henry864
      Participant

      Kali Linux is the evolution of Backtrack, a notorious Digital Forensic and Intrusion Detection software suite with a whole lot of tools for Penetration Testing. Offensive Security, the creators of Backtrack and Kali Linux, decided to incorporate many new changes to what was then to be called Backtrack 6. Since it had been completely built from scratch and many new changes added, it was given a new name, Kali Linux.

      If you have by chance seen or used Backtrack before, the commands are the same, but there are some differences. For example, Kali Linux is based on Debian instead of Ubuntu; also, there is no longer a /pentest directory as in Backtrack 5.

    • #54290
      Henry864
      Participant

      Cyber criminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2015, information security professionals must understand these five trends. In information security circles, 2014 has been a year of what seems like a never-ending stream of cyberthreats and data breaches, affecting retailers, banks, gaming networks, governments and more. The calendar year may be drawing to a close, but we can expect the size, severity and complexity of cyber threats to continue increasing, says Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association that assesses security and risk management issues on behalf of its members.

    • #53460
      Henry864
      Participant

      I am not going to tell you that you need to know C/C++ because it is the language that every hacker has to know to be worthy of such a name. I am not even going to try to convince you that C/C++ has a shrinking community and this will make the wages rise for those fortunate programmers knowing such a language. I will not even use the card of the “high profile” job for a C programmer, also if it is the case since Google, Microsoft, all the high frequency trading players, games studios and everyone in the aerospace industry do need to be as close to the metal as possible to get the maximum from their machines (Luca, a dear friend of mine, used to refer to this as “smelling the soldering”). I am going to use a different point.

      I suppose that as an engineering or computer science graduate, programmer or just a simple self-taught practitioner, you know — or just have a sense of — how the computer you are reading this document on, the network that took it to you and the browser rendering it work.

      Most likely, the operating system that you use and that makes your computer more than a bunch of metal, silicon and carbon-oxide; the drivers of the network card and the browser itself have been written in C. While the compiler for your favourite programming language could be written in the language itself (this is called “self-hosting”), it could be written in C for efficiency or historical reasons. For certain, if it is based on a virtual machine, this last one is written in C/C++.

    • #51593
      Henry864
      Participant

      Index Security tube Linux Assembly Expert Sale rapid share media fire mega upload hot file, via torrent download, emule download, full free download, Index Security tube Linux Assembly Expert Sale rar zip password, crack serial keygen cd key download or anything related.
      Index Security tube Linux Assembly Expert Sale | Security tube Linux Assembly Expert | Rapidgator Security tube Linux Assembly Expert | Security tube Linux Assembly Expert Download | Security tube Linux Assembly Expert Rapidshare | Security tube Linux Assembly Expert Torrent | Download Security tube Linux Assembly Expert | Torrents Security tube Linux Assembly Expert | Security tube Linux Assembly Expert Download Free | Security tube Linux Assembly Expert Course Free Download

    • #52214
      Henry864
      Participant

      If you are indeed a beginner programmer, you may wish to consider the books in the 2nd book list I wrote up in A Python Reading List by Wesley Chun:

      Hello World! Computer Programming for Kids and Other Beginners, 2nd ed., Warren Sande and Carter Sande, Manning
      Invent your Own Computer Games with Python, 2nd edition, Al Sweigart
      Python for Software Design: How to Think Like a Computer Scientist, Allen B. Downey, Jeff Elkner and Chris Meyers, Green Tea Press
      Python Programming for the Absolute Beginner, 3rd ed., Michael Dawson, Course Technology

      While some of those books seem to target children, you’re certainly welcome to try them. Books that teach programming by writing games are especially motivating.

      Be cautious of some of the other answers in this thread… there are some recommended books, which while good books, are completely NOT FOR BEGINNERS! The posters either failed to read your subtitle clarification or don’t understand what books are and aren’t appropriate for new programmers, focusing only on their preferred Python books. (Check Amazon & Goodreads reviews to confirm first before buying anything!)


Copyright ©2021 Caendra, Inc.
