ctf hacking

Hacking MSSQL without knowing the password Copyright owned by original author0x01 Preface In a recent penetration test, I accidentally noticed some unencrypted MSSQL traffic during packet capture. Because the syntax is put there, it won't be wrong. At first, I thought this was a way to capture the authentication credential. However, MSSQL encrypts the login traffic, which means I had to crack its encryption algorithm to obtain the credential. If a se

.googlecode.com/svn/trunk proxmark-trunk // because this is the code that is cloned from Google via SVN, when executing this command remember FQ CD proxmark-trunk/Clientmake// Enter PM3 's working terminal HW Tune // test Equipment0x02 ConclusionThe environment was set up, as the article said: PM3 can be in the water card, bus card, Access card and other RFID\NFC card and corresponding to the machine read, data exchange time to sniff attack, and use the sniffer data through the XOR Check tool

Are you still looking for a tool to complete your daily activities, or are you just looking for new tools that you can try to play? No need to worry, because today is your lucky day! Today, I will mention a variety of links, resources and editing tools that can be used for penetration testing, computer forensics, security, and hacking techniques.toolswatch.orgToolswatch.org is maintained by NJ Ouchn (@toolswatch) and Maxi Solder (@maxisoler). This is

Hacking events ringing network security alarms(Forwarded ... )22nd this month, Weibo topic # E-commerce in the face of hackers lost millions # sparked a hot debate. It is reported that the event is the first social e-commerce show Ah, the app in the event of a machine in lieu of real users to register for download to obtain rewards, many times cheating, millions of active funds immediately exhausted, the actual interests of other users have been infri

Soon after work, always want to do something, learn something, but never seem to start.Yes, I want to learn hacking, perhaps a lot of people want to learn, but many Daniel said, this has a foundation, towering high-rise, I did a little bit of cryptanalysis, plus some places have small paranoia, try to translate the book. As a Test 8 times before CET6 engineers, in fact, really can not ask too high, the content of the deviation and translation of the C

The annual Pwn2Own hacking competition is a nightmare for various browsers, especially the Internet Explorer. Chrome was not so lucky this year until the end of previous years, and the competition was won at the beginning.The Vupen team used a security vulnerability to break Chrome within five minutes of the start of the game. They will receive a reward of at least $6000, some of which are Google's pockets. Of course, the security vulnerability that

Gsm bts Hacking: Use BladeRF and open source BTS 5 to build base stations CitationIf you have purchased Nuand (official) BladeRF x40, you can run OpenBTS on it and enter instructions to complete some tasks. In general, HackRF is the most widely covered SDR board. Almost all of its information is open-source, and even contains KiCad files. The disadvantage is that it does not have an FPGA and uses a low-speed USB2 interface. The accuracy of ADC/DAC is

Android Hacking Part 6: Debugging Android applications In the future, we will learn how to use JDB to debug Android applications. If an Android Application can be debugged, we can inject and run our own code in the Process of the application. Background This article is not even more interesting. I developed a simple demo application with only one button and one input box. Download: Http://yunpan.cn/cf3RVN5fRRC73 (extract code: 8734) Run the following

About your battle: simple and beautiful hacking gamesThis is a simple and beautiful little game mounted on Github. It seems nothing special, challenges test your exploration of various programming languages or at a higher level (today I am not low-I am proficient in C, C ++, JAVA, PHP, Python, Ruby, javascript, VB, Go, Perl, and other languages !)X001: G () ('al') DescriptionThe G () ('al') game is to challenge you and enable you to use as many langua

Web Hacking skills Introduction This is the second article in web penetration exercises. You can search for the translation of the first article on our website and find it in this part, we will briefly introduce directory traversal and the Tips about crawler crawling key information on webpages. Exercise 8 Directory Traversal Figure: a simple web page for viewing article content In this exercise, we need to open the PathTraversal directory, in the di

**********/@Override Public voidonlocationchanged (location location) {//location.getlatitude (): Latitude//location.getlongitude (): DimensionString str = "Latitude:" +location.getlatitude () + "\nlongitude:" +Location.getlongitude (); Toast.maketext (Getbasecontext (), str, toast.length_long). Show (); LOG.E ("Gpsbasics", "onlocationchanged."); } @Override Public voidonproviderdisabled (String provider) {/******** called when User off Gps *********/Toast.maketext (Getbasecontext (),"Gp

in mid-2011, the Linux kernel official website kernel.org was hacked, the attacker implanted a rootkit Phalanx and set up the SSH backdoor on the server, kernel.org for three weeks. The official said it would open a report on the invasion, but the promise was not fulfilled until now: The U.S. Department of Justice issued a press release announcing that Florida police arrested 27-year-old programmer Donald Ryan Austin on August 28 and was released after paying $50,000 in bail.If convicted, he fac

steps to build down the server ( ASP , PHP , JSP ). 2 , Master for example Google hackers, Cookies , phishing, social engineering, etc.3 , Learning HTML , JavaScript , VBScript . 4 , Learning Standards SQL language, and the use of most databases. 5 , Learning ASP , and has an excavation ASP the ability to script vulnerabilities. 6 , Learning PHP , and has an excavation PHP the ability to script vulnerabilities. 7 , Learning JSP , and has an excavation JSP the ability to script vulnerabilities.

(structFec_platform_data Fec_data) {fec_get_mac_addr (FEC_DATA.MAC); ----------+if(!is_valid_ether_addr (FEC_DATA.MAC)) |random_ether_addr (FEC_DATA.MAC); | |if(CPU_IS_MX6SL ()) |IMX6SL_ADD_FEC (fec_data); |Else|IMX6Q_ADD_FEC (fec_data); |} | |Static intFEC_GET_MAC_ADDR (unsignedChar*MAC) {unsignedintvalue; Value= Readl (mx6_io_address (OCOTP_BASE_ADDR) + HW_OCOTP_MACN (0)); mac[5] = value 0xFF; mac[4] = (Value >>8) 0xFF; mac[3] =

# from this software without specific prior written permission.## This software are provided by the COPYRIGHT HOL DERs and contributors#" as is"and any EXPRESS OR implied warranties, including, but not limited# to, the implied warranties of merchantability and FITNESS for A particular# PURPOSE is disclaimed. In NO EVENT shall the COPYRIGHT HOLDER or# CONTRIBUTORS being liable for any DIRECT, INDIRECT, incidental, special,# exemplar Y, or consequential damages (including, but not LIMITED to,# pr

current CMD string to the next cmd after each package will need to be installed=$new _cmdfi Doneif["$needs _installation"=""]; Then Echo "System has required packages!"Else Echo "System requires packages $needs _installation to be installed" Echo "installation requires you administrator priviliges (sudo access)" Echo "On your host. Do you have administrator privilieges?"# Force the user to answer. Maybe the user does not want to continue while true; DoRead-P"Type ' y ' to continue