So you’ve got oclHashcat and you want to practice cracking hashes but you’ve got no hashes? Fear not! There are hashes listed below for you to play with or if you would like to generate hashes yourself download my perl module here and have a play with making them and then cracking yourself: svn checkout http://hashcat-passgen.googlecode.com/svn/trunk/ hashcat-passgen Direct link to code here. (Big thanks to atom at hashcat.net for giving… Continue reading
You have a website and you’ve proven it’s vulnerable to clickjacking, but what use is fooling a user into submitting a form unless you can specify some of the data that the user is submitting within those fields?
We’ve all played games online where you have to match up words to phrases or maybe things like the “impossible game” where you drag the words to the respective colours.
What about… Continue reading
UPDATE: If you’re on a Mac I suggest you use this python script instead.
The Synology Diskstation(DS) devices have a Photo Station application that creates a web based album of folders in your /photos folder.
The DS creates thumbnails for these photos when they are uploaded to the NAS. Unfortunately these devices are using slow low power processors so converting the photos takes some time. Each photo has 5… Continue reading
So I noticed whilst web app testing that would receive a cookie with a value called bIPs: 709aed354747fda133a5da28dbed60e7 95eb48ad7eae5c0aa9766f0258ae8a35
Looks like it’s using a big IP load balancer. I noticed it was MD5 and that was confirmed by finding the code that generates the hash(cheers scriptmonkey).
I decided to use Hashcat to do the bruteforcing. First thing that came to mind was how to use a dictionary containing… Continue reading
I’m working on a side project that has me contributing to a GIT repository for source control.
Great! Only I haven’t got a freaking clue how to use it properly.
First in the list:
Pushing “Tags” up to the master repository
First thing to note is that tags are typically only noted on your local copy of the repository. They aren’t pushed up to the origin when you make a… Continue reading