❌

Reading view

There are new articles available, click to refresh the page.

Building a lab with ModSecurity and DVWA.

I've been meaning to build a ModSecurity lab for a while and seeing as I had some free time I decided it was about time to do it and to document it for everyone to share. The lab I built uses an up-to-date version of ModSecurity with a rule set taken from the SpiderLabs github repo and, so there is something to attack, I've included DVWA.

My AP Collection

I'm going to be doing some AP testing and this is a small part of the collection.

The second part of my introduction to using ZAP to test WebSockets, this part focuses on fuzzing.

The following article is part two of my introduction to ZAP and testing WebSockets, in this episode I'll cover fuzzing. If you've not used ZAP before I suggest you look at some of the official tutorials first - ZAP home page, Videos. You can find my first part here OWASP ZAP and Web Sockets. The testing is being done against a small WebSockets based app I wrote called SocketToMe which has a few published services along with a few unpublished ones. In this article we are going to look at one of the published ones and try to identify some of the unpublished ones. The first feature I'll investigate is the number guessing game. Here the system picks a random number between 1 and 100 and you have to guess it. I'm going to cheat and see if I can get ZAP to play all 100 numbers for me to go for a quick win.

When All You Can Do Is Read.

A look at what files are good to try to read when all you have is read only access to a machine, i.e. no directory listing ability.

Hostapd Karma patches updated to hostapd version 1.0

Hostapd was recently updated to version 1.0 so I've brought the Karma patches up-to-date. This release contains a fully patched source tarball and a patch file if you want to apply it to your own source. I've also added a mention of the hostapd_cli app which you can use to control hostapd once it is running.

Setting up a RIPv1 lab in GNS3 and then exploiting it to poison routes between two machines.

In this lab I'm going to look at RIPv1, probably the most basic routing protocol. As with the VLAN labs I'm building this one in GNS3 and linking it to a Virtual Box machine running Debian. The plan is to build a network with three routers all using RIP to sync their routing information. I'll then use the attacking box to inject a fake route into the network and so divert traffic away from its real target. If you are not familiar with RIP it is hop based system where each hop is a unit and traffic is routed across the shortest number of hops.

Extract meta data from videos taken on iPhones.

ivMeta is based on information in . It will attempt to pull the following bits of information from an iPhone video: * Maker - should always be Apple * iOS Software version * Date video was taken * GPS co-ords where video was taken * Model of phone

A companion tool to Pipal which can spot keyboard patterns in password lists.

It is generally accepted that most passwords in common use are based on dictionary words however, some people decide to use keyboard patterns instead and to try to spot these I've created Passpat. Passpat uses data files containing the layouts of common keyboards to walk each word through the keyboard and score the word based on how close it is to being a pattern. For now I'm taking pattern to mean keys which are next to each other, while qpalzm is a pattern picking something like that up is currently out of the scope of this project.
❌