Let me start with a “disclaimer” :P I am not a bug bounty hunter and I tend to align myself more towards penetration testing and reverse-engineering, so opportunities like these are rare for me, and yeah, I did enjoy this experience and I hope you do too :)
— — — — — — — — — —
IDOR, or Insecure Direct Object Reference, occurs when an application provides direct access to objects based on user-supplied input. As a result, attackers can bypass authorization and access resources in the system directly.
— — — — — — — — — — — — — — — — — — — — — — — — — — —
We have a binary file and a service, but interestingly the binary is quite small, has only three functions, and the string ‘/bin/sh’ is already present in the .rodata section.
Last week was kind of boring for me. My phone slipped from my hand and broke 😥 (but the best part is I’m getting a new one 😍). So without a phone I had loads of time on my hands, so when we received this DBMS assignment from our instructor, I decided to do something out of the box with it.
As an introduction to the Database Management System Course, our first assignment consisted of making loads of tables (actually 11) and inserting records into them.
The CREATE TABLE statement is used to create a table in a SQL database:
Over the past week I have fallen in love with malware and have started reading this awesome book by Michael Sikorski and Andrew Honig.
First I decided to cover a significant part of the theory and only then take up the labs. But then usually I have college classes during the day and I don’t get time except on weekends. So today I decided I’m gonna pull off an all-nighter and walk through one of the labs. In this article I will cover Lab 5–1, in which we will dissect a .dll malware using IDA Pro.
Binary samples are available here.
CTF 🚩 ● Hack the Box ● CyberSec Enthusiast ● Snooker Addict