Hacksplaining: Learn to Hack

Hacksplaining is one of the best websites that I have seen so far in terms of the way it teaches people about web vulnerabilities. It uses a very simple and fun way of teaching people the concepts and theory of web vulnerabilities. To make the deal even better, it is free. I don’t know who the folks behind this website are, but I really like how they make education seem so fun. Kudos to them for the amount of time they have invested in coming up with all those examples and exercises.

Also, I really like their tagline,

“learn to hack, learn to protect yourself”

I fully agree with it. Just like when you play sports, you need to know the rules and the various techniques and tactics that can be deployed during an attack before you are able to effectively defend against them. The same concept applies here: if you don’t understand cross-site scripting or SQL injection, how are you supposed to ensure that your web application is protected against them?

The following is the list of techniques that you can learn through Hacksplaining’s interactive way of teaching web vulnerabilities:

  1. SQL Injection
  2. Clickjacking
  3. Session Fixation
  4. Cross-Site Scripting
  5. Weak Session IDs
  6. Reflected XSS
  7. DOM-Based XSS
  8. Cross-Site Request Forgery
  9. File Upload Vulnerability
  10. XML Bombs
  11. Open Redirects
  12. User Enumeration
  13. Broken Access Control
  14. Unencrypted Communication
  15. XML External Entities
  16. Information Leakage
  17. Password Mismanagement
  18. Privilege Escalation
  19. Command Execution
  20. Directory Traversal

Check it out: Hacksplaining: Learn to Hack

Compiled List of Sample PCAP Files for Practice

I was once tasked to perform some investigation on a packet capture (pcap) file to retrieve some information. Before I was given the task, I didn’t know anything about pcap files. Some simple research will tell you that it is a file that captures network traffic.

Interesting, huh?

Wireshark GUI
Image Courtesy: Wikipedia/Wireshark

One of the best tools used in the industry for packet capturing is, no doubt, Wireshark. The tool itself has many features, and I am not going to do a step-by-step guide on them today. What I am going to share is a compiled list of sample pcap files.

You are right, a compiled list of sample pcap files consolidated by people in the community and listed together in the Wireshark Wiki. It is very useful to people who are learning Wireshark and want to perform some analysis or test out some features on good pcap files that contain a wider variety of realistic network traffic. Furthermore, the choices are vast and interesting (since you did not create the captures yourself, there is some element of surprise).

Check out the list: https://wiki.wireshark.org/SampleCaptures

Hacking for n00bz – Level 7

In level 7, we get a page showing a 404 “page not found” error.

Taking a look at the page source, its cookies, etc. shows that nothing is fishy here. However, did you notice that the navigation bar at the top of the page is missing?

You are right. Return to the previous pages, e.g. “/levelsix.php” or “/levelfive.php”, and you will see that they all use the same URL naming format. But this page is named “/404.php”, which breaks the “trend”.

Let’s try to navigate to “/levelseven.php” and see if there is anything… and there you go! A blank page with the flag depicted clearly on the website status. Can you spot it?

Once again, we can see that the flag is base64-encoded as “aW5mb3NlY19mbGFnaXNfeW91Zm91bmRpdA==”. We can decode it using an online base64 decode tool: “infosec_flagis_youfoundit” is the flag.

Back to write-up list for InfoSec Institute CTF #1: Hacking for n00bz

Hacking for n00bz – Level 6

For level 6, we were asked to download “sharkfin.pcap” to hunt for the flag, which means that we should be prepared to analyse some network traffic. As hinted by the file name, “sharkfin”, let’s open the file using Wireshark and analyse it.

Usually, the first thing I do when I open any pcap file in Wireshark is take a quick glance at which protocols were captured, then look into the more popular ones such as HTTP or FTP.

In this case, I followed UDP stream 0 and got the following string, which is probably the flag:

696e666f7365635f666c616769735f736e6966666564

True enough, it is a hexadecimal-encoded flag. Using Hackbar, I did a quick conversion and managed to get the flag for level 6, “infosec_flagis_sniffed”.
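
What following a UDP stream boils down to can be reproduced without Wireshark. The following is an added example, not part of the original write-up: a minimal reader for classic pcap files that lists every UDP payload. The one-packet capture built by `build_sample()` is constructed (made-up addresses and ports); only the payload string comes from the text above.

```python
import struct

def udp_payloads(pcap: bytes):
    """Return (src_port, dst_port, payload) for each UDP datagram in a classic pcap."""
    if len(pcap) < 24:
        raise ValueError("truncated pcap file header")
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":      # magic 0xa1b2c3d4, little-endian writer
        end = "<"
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":    # same magic, big-endian writer
        end = ">"
    else:
        raise ValueError("not a classic microsecond pcap (pcapng is not handled)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    found, pos = [], 24                       # records start after the 24-byte file header
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                          # skip non-IPv4 frames (no VLAN/IPv6 here)
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4              # IPv4 header length in bytes
        if ip[9] != 17 or len(ip) < ihl + 8:
            continue                          # protocol 17 is UDP
        sport, dport, ulen = struct.unpack("!HHH", ip[ihl:ihl + 6])
        found.append((sport, dport, ip[ihl + 8:ihl + ulen]))
    return found

def build_sample() -> bytes:
    """Constructed one-packet capture; addresses and ports are made up."""
    payload = b"696e666f7365635f666c616769735f736e6966666564"  # string from the write-up
    udp = struct.pack("!HHHH", 40000, 9999, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + udp
    file_header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return file_header + record + frame

if __name__ == "__main__":
    for sport, dport, data in udp_payloads(build_sample()):
        print(sport, dport, data.decode("ascii", "replace"))
```

To run it on a downloaded capture, pass `open("sharkfin.pcap", "rb").read()` to `udp_payloads()`; IP fragments are not reassembled.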

Hacking for n00bz – Level 5

For level 5, we get a page with an infinite pop-up that says “hacker!!”.

Upon checking the JavaScript on the page using Firebug or the built-in developer tools of any browser, you will see that it is an infinite loop:

for(;;){ alert('Hacker!!!'); }

In the line right after the above JavaScript, there is an image, “aliens.jpg”, which is definitely not meant to be seen by us, since they have set up an infinite loop right above this line.

With an image, we could now run it through a Steganography decoder. Reading through various forums, many people recommended the Steghide software, but I did it using an online tool called the Steganographic Decoder, and the following is the output,

01101001011011100110011001101111011100110110010101100011010111110110011001101100011000010110011101101001011100110101111101110011011101000110010101100111011000010110110001101001011001010110111001110011

This long string of 1’s and 0’s is obviously binary code. Upon decoding it using a binary decode tool, we get the flag for level 5, “infosec_flagis_stegaliens”.
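
The three flags in levels 7, 6 and 5 use base64, hexadecimal and binary encoding respectively, and all three can be decoded offline instead of with online tools. The following is an added example, not part of the original write-ups; the function names are hypothetical. It tries each reading in turn and accepts the first one that yields printable ASCII, which matters because a string of 0s and 1s is also valid hex, and a hex string is often also valid base64.

```python
import base64
import binascii
import re

def candidates(s: str):
    """Yield (encoding, raw_bytes) for every encoding the string could be."""
    # Most restrictive alphabet first: binary, then hex, then base64.
    if re.fullmatch(r"[01]+", s) and len(s) % 8 == 0:
        yield "binary", int(s, 2).to_bytes(len(s) // 8, "big")
    if re.fullmatch(r"[0-9a-fA-F]+", s) and len(s) % 2 == 0:
        yield "hex", bytes.fromhex(s)
    try:
        yield "base64", base64.b64decode(s, validate=True)
    except binascii.Error:
        pass  # wrong alphabet or padding: not base64

def decode_flag(blob: str):
    """Return (encoding, text) for the first reading that is printable ASCII."""
    s = "".join(blob.split())  # tolerate line wraps and stray spaces
    for kind, raw in candidates(s):
        if raw and all(0x20 <= b < 0x7F for b in raw):
            return kind, raw.decode("ascii")
    raise ValueError("no binary/hex/base64 reading gives printable ASCII")

if __name__ == "__main__":
    # Encoded strings quoted in the level 7 and level 6 write-ups.
    for sample in ("aW5mb3NlY19mbGFnaXNfeW91Zm91bmRpdA==",
                   "696e666f7365635f666c616769735f736e6966666564"):
        print(decode_flag(sample))
```

The binary string from level 5 can be passed to `decode_flag()` in the same way.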