Null Byte News
Community Byte: HackThisSite, Realistic 4 - Real Hacking Simulations
We'd like this to be one of the last HTS mission announcements, at least for now. As soon as Null Byte finds a server to play with (anyone want to donate one?), we are going to start doing root the box competitions, which is like king of the hill, except you have to hack a server and maintain access. Each server will have numerous known security holes. But for now, back to the normal flow of things...
Goodnight Byte: HackThisSite, Realistic 3 - Real Hacking Simulations
Last Friday's mission was to accomplish solving HackThisSite, realistic 3. The third mission in a series of realistic simulation missions was designed to be exactly like situations you may encounter in the real world, requesting we help a friend restore a defaced website about posting peaceful poetry.
Root Exploit: Memodipper Gets You Root Access to Systems Running Linux Kernel 2.6.39+
Here's a delicious Byte of information for you. A proof of concept program on Linux was coded to exploit a known bug in how the Linux Kernel (versions 2.6.39+) handles permissions for the
Community Byte: HackThisSite, Realistic 3 - Real Hacking Simulations
We're aiming for this to be one of the last HTS mission announcements, at least for now. As soon as Null Byte finds a server to play with, we are going to start doing root the box competitions, which is like king of the hill, except you have to hack a server and maintain access. Each server will have numerous known security holes. But, for now, back to the normal flow of things...
Goodnight Byte: HackThisSite, Realistic 2 - Real Hacking Simulations
Last Friday's mission was to accomplish solving HackThisSite, realistic 2. This second mission in a series of realistic simulation missions was designed to be exactly like situations you may encounter in the real world, requesting we help a friend take down a racist hate-group website.
Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins
Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of Forbes. He discovered the hole in two different locations on the site, and has already informed the website of the vulnerability.
News: Block Cell Phone Signals on the Carrier of Your Choice by Hacking a Radio Frequency Jammer
Cell phone jammers, a DIY endeavor for the darker crowd. I'm pretty sure we've all considered having one at some point: whether the obnoxiously loud woman next to you is announcing private bedroom stories to a crowd on the subway, or your kids are grounded from using the phone (and consequently snagged a hidden prepaid phone), sometimes having a cell phone jammer comes in handy.
News: Get the Perfect Cup of Java with a DIY Linux-Powered Coffee Roaster
When it comes to coffee, some people just like perfection. Most would agree that the best cup of coffee comes from home, after roasting your own green coffee beans. But not everybody has the time or money to have complete control over their coffee's flavor. Roasting via stovetop or oven produces mélange (not quite perfection), and home roasters can be pricey.
News: Flaw in the Latest Linux Graphical Server Allows Passwordless Logins
Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.
Community Byte: HackThisSite, Realistic 2 - Real Hacking Simulations
The community tore up the first realistic mission last week. You've applied the techniques learned in the basic missions to a real scenario, so I'm pretty content. The realistic missions are where the learning gets intense and where we can apply real knowledge to extremely realistic situations. We will also be continuing the normal Python coding and hacking sessions. These sessions are created to bring our community together, to learn from each other, and grow together. Everyone is welcome, f...
Goodnight Byte: HackThisSite, Realistic 1 - Real Hacking Simulations
Last Friday's mission was to accomplish solving HackThisSite, realistic 1. This is the first in a series of realistic simulation missions designed to be exactly like situations you may encounter in the real world. This first mission, we are asked to help a friend manipulate the website voting system for a Battle of the Bands vote count in his favor.
News: Advanced Cracking Techniques, Part 2: Intelligent Bruteforcing
Following the first part in this series on advanced cracking techniques, we are going to go over how we can intelligently crack passwords using the old-fashioned bruteforce method. These unique cracking techniques aren't widely used, because most crackers are Script Kiddies who have no idea what the concepts are behind cracking passwords, thus, word won't get around too quickly.
News: Advanced Cracking Techniques, Part 1: Custom Dictionaries
How did it happen? How did your ultra-secure WPA password on your wireless network get broken into? Well, you might have just found yourself at the mercy of a cracker.
News: Cannot find windows loader after Linux install?
Have you ever had this happen? Your main OS is windows, and you just istalled a nux dualboot. But when you installed GRUB to the mbr, your windows loader got deleted! Hence you are not able to get into windows anymore... Sucks. But there's also a solution!
News: MegaUpload goes down - Anon retaliates.
As you may or may not know, MegaUpload - one of the largest file sharing services has been taken down by the feds.
News: MPAA - ''SOPA Blackout's Are a Stunt...''
So... The MPAA, who are (obviously) in favor of SOPA, are crying about how the anti-SOPA blackouts are being caused by the ''big corporations'' and any who support it are apparently turning into pawns of said corporations.
News: SOPA and PIPA Blackout!
As of today (January 18, 2012) many websites have "blacked" out their content for the day, one of the more notable websites is Wikipedia.org. As this can be a small compromise as an act of protesting against the heinous bills going through the United States' Congress. A lot of these websites are using a type of Java-Script or JS for short, and others are using simple little Pop-Ups to block the sites. Through the use of some clever addons everyone that cares about their online security should...
News: Flaw in Facebook & Google Allows Phishing, Spam & More
Here's a nasty little Null Byte. An open redirect vulnerability was found in both Facebook and Google that could allow hackers to steal user credentials via phishing. This also potentially allows redirects to malicious sites that exploit other vulnerabilities in your OS or browser. This could even get your computer flooded with spam, and these holes have been known about for over a month.
Pygame: All You Need to Start Making Games in Python
Pygame! And what you can accomplish with it. Another python article... (Blame Alex for getting me hooked on yet another coding language...)
Community Byte: HackThisSite, Realistic 1 - Real Hacking Simulations
Community byters, it's time to get serious. We are finally moving on to the realistic missions in HackThisSite. This is where the learning gets intense and where we can apply real knowledge to extremely realistic situations. We will also be continuing the normal Python coding and hacking sessions. These sessions are created to bring our community together, to learn from each other, and grow together. Everyone is welcome, from novice programmers to aspiring hackers.
News: A Basic Website Crawler, in Python, in 12 Lines of Code.
Your first, very basic web crawler. Hello again. Today I will show you how to code a web crawler, and only use up 12 lines of code (excluding whitespaces and comments).
News: Change from BASH to zsh
Hello fellow Null-Byters today I will be showing you how to change from the simple but powerful BASH system to a more powerful and faster Z - Shell system. This change can be permanent if you want but doesn't have to be, and it is an extremely simple one to perform.
News: Call to Webmasters Everywhere
A cool link I found on Twitter that Anonymous tweeted. Get involved, this effects everyone.
Goodnight Byte: HackThisSite Walkthrough, Part 10 - Legal Hacker Training
This is it! That last basic mission. Last Friday's mission was to accomplish solving HackThisSite, basic mission 11. This final mission in the basic series was made to give us the skills and a place to apply our Apache server knowledge. This will teach us how to traverse through awkward and custom directory structures.
News: Arduino-based Curtain Automation
Jamie Zawinski uses a command line to control his curtains.. ..How cool is that?
News: Skyrim Covers That Will Make Your Ears Climax
Without Much Delay: The Below Videos Are Awesome! 'Nuff Said.
Google Dorking: AmIDoinItRite?
What is Google Dorking? Well, simply put, "Google Dorking" is just an efficient way to utilise keywords in order to perform very specific searches on a given subject. In this case, one would look for websites/servers that are vulnerable to attacks or are configured improperly by using specific search criteria that should yeild results, should it find matches to known mistakes/errors in a website or webserver.
News: Midas Magic Spell Overhaul [MOD]: Now on Skyrim
Long story short, this is a mod by Xilver, who once upon a time did a spell mod called Midas Magic: Spells of Aurum, for TES Oblivion. Well, now he made one for TES Skyrim.
Community Byte: HackThisSite Walkthrough, Part 10 - Legal Hacker Training
Welcome to the 10th Community Byte session for coding in Python and completing the challenges presented to us by HackThisSite. These sessions are created to bring our community together, to learn from each other, and grow together. Everyone is welcome, from novice programmers to aspiring hackers.
News: Simple XOR Text Encryption and Decryption in Visual C#
For this particular example, I will be working on Wndows (sorry X users). I might write a similar guide once I am more comfortable with programming in Linux.
Goodnight Byte: HackThisSite Walkthrough, Part 9 - Legal Hacker Training
Last Friday's mission was to accomplish solving HackThisSite, basic mission 10. This mission teaches us how to use JavaScript to manipulate cookies on poorly coded cookie-based authorization.
News: Null Byte Is Calling for Contributors!
We're officially seeking Null Byters interested in teaching others! Contributors will write tutorials, which will be featured on the Null Byte blog, as well as the front page of WonderHowTo (if up to par, of course). This is a job meant for anyone with the will to share knowledge. There is no need to be intimidated if you fear you lack the writing skills. I will edit your drafts if necessary and get them looking top-notch! You can write tutorials of any skill level, and anything you feel like...
Community Byte: HackThisSite Walkthrough, Part 9 - Legal Hacker Training
Null Byte is looking for forum moderators! Welcome to the ninth Community Byte for coding in Python and completing the challenges presented to us by HackThisSite. These sessions are created to bring our community together, to learn from each other, and grow together. Everyone is welcome, from novice programmers to aspiring hackers.
Goodnight Byte: HackThisSite Walkthrough, Part 8 - Legal Hacker Training
Null Byte is looking for forum moderators! Last Friday's mission was to accomplish solving HackThisSite, basic mission 9. This mission delves a little further into Unix commands and remote directory traversal (which is just a fancy term for going through folders blindly).
News: Flaw in Wal-Mart Returns System Allows Major Thefts to Go Unnoticed
We love tearing apart security here at Null Byte. Several years back, upon returning items to Wal-Mart due to a malfunction, I noticed something very peculiar about the way their overall procedure goes. I brought the item up to the desk, and the woman asked if it didn't work, which I responded affirmatively. Without a moment's notice, she takes it right off to the defective items area and asks if I would like cash or store credit.
Community Byte: HackThisSite Walkthrough, Part 8 - Legal Hacker Training
Welcome to the eighth Community Byte for coding in Python and completing the challenges presented to us by HackThisSite. These sessions are created to bring our community together, to learn from each other, and grow together. Everyone is welcome, from novice programmers to aspiring hackers.