I’ve playing with Android CTF questions recently and found this jewelry box. One of the questions was about a numeric one way hash question named NUMDROID. The question was presented in ASIS2014 and here, I write the write-up!
I recently established a wired connection into my server through my computer. I’ve mixed the protocols (OpenVPN, TOR, SOCKS) to RE-ANONIMIZE myself! I’ve put “The Good, The Bad and The Ugly” name on the scenario. Here is a very good picture of it!
I’ve started a project named Onion Harvester for finding the Onion addresses in TOR hidden services which are not exposed by the owners. I believe that the real dark markets and interesting stuff of TOR networks relies in the dark.
This the second and final writeup of Android challenges which was given in 8st Sharif CTF. I’ve wrote about the team and place in the 8st SharifCTF Android WriteUps: Vol I. The writeup begins …
Two weeks ago, SharifCTF was hold and the questions were acceptable. We attended with CGU team name and and gain the 44th place among the 682 attended teams, whom has at least one question solved in the CTF. In this post I described the writeup for the question about reverse engineering of Android app with 200 points (the 3rd question of reverse section).
Offsec is an Iranian computer security group which holds conferences or CTFs in the computer security area. In their recent challenge, they created a web challenge which is accessible through offsecmag Telegram channel. The challenge started on 16 Dec 2016 and here I will WRITE UP! 🙂
In this post, the write up of the challenge is presented.
As I told in About Mir Saman section, I love classical musics. I used to listen to online classical radios which are broadcasting the musics 24×7. I was wondering how these services are working. In this post I will show you how to create an online radio broadcast station from your computer. Continue reading Your Radio: Broadcast Yourself!
Knowing all possible web paths in the world is the initial step for making a search engine (SE). By means of SE one can analyze the web for the material he/she likes. In normal Domain Name System, each TLD provider (Top Level Domain) can sell or release list of all its domains. As an example .com TLD can sell or release all the domains which are end with “.com“. But the problem is more complicated in TOR (or other hidden service providers). In this post I will talk about my tool named Onion Harvester and how to find initial points for finding hidden services to be crawled.
Last Wednesday, I have a small talk about SQLi web application vulnerability and how to prevent it. Here, I write about the tools and resources which can be used in learning the SQLi learning and prevention.