Muchikamu chino tichagadzirisa basa rechi25 kubva panzvimbo
ruzivo rwesanganoKunyanya kune avo vanoda kudzidza chimwe chinhu chitsva uye kukura mune chero yenzvimbo dzeruzivo uye kuchengetedzwa kwekombuta, ini ndichanyora nekutaura nezve anotevera mapoka:
- PWN;
- cryptography (Crypto);
- network technologies (Network);
- reverse (Reverse Engineering);
- steganography (Stegano);
- kutsvaga uye kushandiswa kweWEB kusasimba.
Uye zvakare, ini ndichagovera ruzivo rwangu mune komputa forensics, malware uye firmware kuongororwa, kurwiswa kune isina waya network uye emunharaunda nharaunda network, pentesting nekunyora zviitiko.
Kuti iwe ugone kuziva nezve zvinyorwa zvitsva, software uye rumwe ruzivo, ini ndakagadzira
Ruzivo rwese rwunopihwa nekuda kwezvinangwa zvekudzidzisa chete. Munyori wegwaro rino haatore mhosva kune chero kukanganisa kunoitwa kune chero munhu semhedzisiro yekushandisa ruzivo uye nzira dzakawanikwa semugumisiro wekudzidza gwaro iri.
Kugadzirisa otp basa
Tinoenderera mberi nechikamu chechipiri. Ini ndichataura pakarepo kuti zvakanyanya kuoma kupfuura yekutanga, asi panguva ino ivo havapi iyo source code yechirongwa. Usakanganwa nhaurirano pano (https://t.me/RalfHackerPublicChat) uye pano (https://t.me/RalfHackerChannel). Ngatitange.
Dzvanya pane icon ine siginecha otp. Isu tinopihwa kero uye chiteshi chekubatanidza.
Isu tinobatanidza uye tinotarisa-tarisa pane sevha.
Mureza watisingagoni kuverenga ndiyo purogiramu uye kodhi yayo yekubva. Ngationei kwakabva.
Ngatitorei. Iyo purogiramu inotora password senharo.
Kupfuurirazve, zvisingaverengeki 16 byte zvakachengetwa mune otp chinja.
Iro faira rine zita risingaite rakagadzirwa mu tmp folda (yekutanga 8 bytes ari otp) uye zvisingaverengeki 8 bytes inonyorerwa kwairi (yechipiri 8 bytes are otp).
Nokuda kwechimwe chikonzero, kukosha kwefaira yakagadzirwa inoverengwa uye inofananidzwa nephasiwedi yakapinda.
Pane vulnerability pano. Inosanganisira mukuchengetedza kwepakati kwenhamba yakagadzirwa kufaira. Tinogona kudzikamisa saizi yefaira, semuenzaniso, kusvika 0, zvino pakunyora nekuverenga, 0 inofananidzwa nepassword.Unogona kuzviita sezvizvi.
# ulimit -f 0
Zvino ngatimhanyei purogiramu.
Tinowana kukanganisa. Izvo hazvina basa, inogona kugadziriswa uchishandisa iyo python imwechete.
python -c "import os, signal; signal.signal(signal.SIGXFSZ, signal.SIG_IGN); os.system('./otp 0')"
Isu tinowana mureza uye yedu yakapusa 100 mapoinzi. Uye isu tinoenderera mberi: muchinyorwa chinotevera tichabata paWebhu. Unogona kubatana nesu pa
Source: www.habr.com