Sometimes a coder, no matter how experienced, makes incredibly novice mistake. These mistakes commonly find their way into finished software, and can be exploited by users to make the program do things that were not intended. Sometimes these result in funny glitches that make interesting YouTube Videos, sometimes its far more serious and results in the ability for a user or an attacker to gain root or administrator access to a system.
Are you the only one reading your Text Messages?
Your Text Messages are not secure, and I’m not necessarily talking about the NSA and other foreign intelligence agencies who almost certainly read your messages; and they’ve been doing it for years. But anything the Government can do, an enterprising or creative user can do as well. With the appearance of consumer available hardware that can be repurposed to redirect your cellphone through an attacker controller pop-up site, its becoming more and more appropriate to secure your own communications. Luckily, since the Snowden Leaks, encryption has taken more of a leap, and encrypting your data is easier than its ever been. I’ve rounded up some of the more popular apps below that make encryption easy and effortless for the end user. (more…)
Deal me into a hand of Blackjack
Our second foray into pwnable.kr takes us into a Blackjack script written by a student named Vladislav Shulman on the C Programming forums. The Program does as you’d expect, allowing players to bet from a limited purse; and playing a random game of Blackjack (21). Our challenge to get the flag: earn ourselves a million dollars at this fake casino table. Of course, you could play this the intended way… but then why would you be here? (more…)
Your Home WiFi is a gateway to your most private information, take a moment to secure it.
You’ve opened the box for your brand new shiny home wireless router, plug it in and sign in to your new home WiFi. Navigating to the setup page, your presented with lots of perhaps unfamiliar options. For new users, all of the terms used, it can get confusing and lead to a network that is a prime target for local hackers to test their chops. (more…)
Getting Started with Pwnable.kr
This post is the first in a series about pwnable.kr; an open online CTF open to anyone who’d like to try their hand at the challenges it provides. As with many CTFs, if this is your first or you’re new to the concepts that it relies on, the challenges can seem quite daunting. Through this series we’re going to try to cover not only the solutions, but why they work, and where you can find more information regarding each. (more…)