This challenge was an amazing team effort. There were multiple steps necessary for the solution and different people contributed. The final big challenge was a bash eval injection, but without usin...
At first I was not able to solve the mindreader challenge and then I got spoiled. I had a critical look at my approach and figured out two major mistakes I made.
This was considered a hard challenge. After finding and analysing the source code we found a GQL injection. Unfortunately there is a system in place that will ban you for too many requests. So we u...
Part 1: Reverse engineering the functionality of the cookbook binary with IDA. Part 2: Leaking heap address and libc base address. Part 3: Arbitrary write - House of Force.
A "Let's Play" (or Let's Hack?) series of the unique game Pwn Adventure 3. We are going to reverse engineer the client and the network protocol, in order to fly, teleport and much more!
Part 1: Pwn Adventure 3 is a game with CTF challenges - it was created to be hacked. This is the first part of a longer series where we will have a look at all challenges from the game and just hav...
Part 2: Before we can start with the hacks we have to set up a private server. I used this project to learn more about Docker myself and share my result so you can set it up easily.
Part 3: We start to get technical by gathering some information. This is a crucial step in order to get a better understanding about the game in order to hack it.
Part 4: We start reverse engineering! Luckily the game comes with not-stripped binaries which means all the class names are included. We can use the debug information to dump class definitions with...
Part 5: Finally our first hack! We use the LD_PRELOAD feature to overwrite functions of the dynamic library libGameLogic.so. This allows us to change a lot of behaviour in the client.
Part 7: We use chat messages to implement teleport commands and try to get access to more chests. But it's not that easy and we have to implement hovering.
Part 8: We are combining what we learned to find the hidden Golden Eggs. But the last egg has a little twist to it, so we had to reverse engineer a bit more.
Part 9: To analyse the game traffic, we are developing a simple proof of concept TCP network proxy. Then we can start to reverse engineer the protocol.
Part 11: We reverse engineer more network packets and then also add functionality to inject packets. With that we build a remote autoloot for easy farming.
A Reddit user finds Raspberry Pi Zeros hidden behind trash cans, vending machines and other places in the college library. We reverse engineer them and determine if they are malicious.
Totally clickbait. But also not clickbait. I don't know where to start hacking, there is no guide to learn this stuff. But I hope you still have a plan now!
In this video we use SIMtrace to intercept the communication between the phone and SIM card to understand how that works. This is part 1 in a series introducing mobile security.
Hacking Competition in China. Our team qualified for the Real World CTF finals in China organised by Chaitin Tech, which was a really awesome CTF. In this video I want to share my experience and th...
This is what my brain tells me a lot. But sometimes we just need a break. And it's OK to take a break - however long it has to be. And in this video I'm sharing how I try to deal with these negativ...
One night I ordered food and I accidentally injected a Burger into the order. The delivery guy confused a comment as another item on the order list and made it. Even though no price was attached to...
We will have a look at what syscalls are and what they have to do with kernel mode and user mode. We do this by exploring a kernel function and tracing it down to the assembler level.
Short ~10min videos about web security stuff. We start with very beginner videos and we will explore more and more advanced stuff. No bullshit fake hacking.