Business Loans

The eWPT - Web Application Penetration Testing Professional course from the popular eLearnSecurity Institute and INE is an advanced web penetration testing course. Prerequisites for this course Completion of the eJPT courseIs. The eWPT course is one of the most popular courses in the field of web penetration testing or web hacking. This course is usually compared to the AWAE course from Offensive-Security and the SEC542 course from SANS. This course starts from a complete beginner in the field of web penetration testing and its topics continue to an advanced level. In this course you will gain an in-depth understanding of OWASP, Burpsuite software, complete web application analysis, data collection, common bugs such as XSS and SQL Injection, Session-based vulnerabilities, as well as LFI / RFI, attacks On HTML, content management systems (CMS) penetration testing such as WordPress, penetration testing of SQL and non-SQL databases.

Course pre requisites

Completion of the eJPT course

Course specifications

Course level: Intermediate

Time: 16 hours and 18 minutes

Includes: ‌ 30 videos | 18 labs | ‌ 15 slides

Professor: Dimitrios Bougioukas

EWPT Course Content - Web Application Penetration Testing Professional

Web Application Penetration Testing

Penetration Testing Process

Introduction

Information Gathering

Cross Site Scripting

SQL Injections

Authentication and Authorization

Session Security

Flash

HTML5

File and Resources Attacks

Other Attacks

Web Services

XPath

Penetration Testing Content Management Systems

Penetration Testing NoSQL Databases

Link to Download

Related word

You either landed on this blog post because

you are a huge fan of Hacktivity
you bought this badge around a year ago
you are just interested in hacker conference badge hacking.

or maybe all of the above. Whatever the reasons, this guide should be helpful for those who never had any real-life experience with these little gadgets.

But first things first, here is a list what you need for hacking the badge:

a computer with USB port and macOS, Linux or Windows. You can use other OS as well, but this guide covers these
USB mini cable to connect the badge to the computer
the Hacktivity badge from 2018

By default, this is how your badge looks like.

Let's get started

Luckily, you don't need any soldering skills for the first steps. Just connect the USB mini port to the bottom left connector on the badge, connect the other part of the USB cable to your computer, and within some seconds you will be able to see that the lights on your badge are blinking. So far so good.

Now, depending on which OS you use, you should choose your destiny here.

Linux

The best source of information about a new device being connected is

# dmesg

The tail of the output should look like

[267300.206966] usb 2-2.2: new full-speed USB device number 14 using uhci_hcd [267300.326484] usb 2-2.2: New USB device found, idVendor=0403, idProduct=6001 [267300.326486] usb 2-2.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [267300.326487] usb 2-2.2: Product: FT232R USB UART [267300.326488] usb 2-2.2: Manufacturer: FTDI [267300.326489] usb 2-2.2: SerialNumber: AC01U4XN [267300.558684] usbcore: registered new interface driver usbserial_generic [267300.558692] usbserial: USB Serial support registered for generic [267300.639673] usbcore: registered new interface driver ftdi_sio [267300.639684] usbserial: USB Serial support registered for FTDI USB Serial Device [267300.639713] ftdi_sio 2-2.2:1.0: FTDI USB Serial Device converter detected [267300.639741] usb 2-2.2: Detected FT232RL [267300.643235] usb 2-2.2: FTDI USB Serial Device converter now attached to ttyUSB0

Dmesg is pretty kind to us, as it even notifies us that the device is now attached to ttyUSB0.

From now on, connecting to the device is exactly the same as it is in the macOS section, so please find the "Linux users, read it from here" section below.

macOS

There are multiple commands you can type into Terminal to get an idea about what you are looking at. One command is:

# ioreg -p IOUSB -w0 -l

With this command, you should get output similar to this:

+-o FT232R USB UART@14100000  <class AppleUSBDevice, id 0x100005465, registered, matched, active, busy 0 (712 ms), retain 20>     |   {     |     "sessionID" = 71217335583342     |     "iManufacturer" = 1     |     "bNumConfigurations" = 1     |     "idProduct" = 24577     |     "bcdDevice" = 1536     |     "Bus Power Available" = 250     |     "USB Address" = 2     |     "bMaxPacketSize0" = 8     |     "iProduct" = 2     |     "iSerialNumber" = 3     |     "bDeviceClass" = 0     |     "Built-In" = No     |     "locationID" = 336592896     |     "bDeviceSubClass" = 0     |     "bcdUSB" = 512     |     "USB Product Name" = "FT232R USB UART"     |     "PortNum" = 1     |     "non-removable" = "no"     |     "IOCFPlugInTypes" = {"9dc7b780-9ec0-11d4-a54f-000a27052861"="IOUSBFamily.kext/Contents/PlugIns/IOUSBLib.bundle"}     |     "bDeviceProtocol" = 0     |     "IOUserClientClass" = "IOUSBDeviceUserClientV2"     |     "IOPowerManagement" = {"DevicePowerState"=0,"CurrentPowerState"=3,"CapabilityFlags"=65536,"MaxPowerState"=4,"DriverPowerState"=3}     |     "kUSBCurrentConfiguration" = 1     |     "Device Speed" = 1     |     "USB Vendor Name" = "FTDI"     |     "idVendor" = 1027     |     "IOGeneralInterest" = "IOCommand is not serializable"     |     "USB Serial Number" = "AC01U4XN"     |     "IOClassNameOverride" = "IOUSBDevice"     |   }

The most important information you get is the USB serial number - AC01U4XN in my case.
Another way to get this information is

# system_profiler SPUSBDataType

which will give back something similar to:

FT232R USB UART:            Product ID: 0x6001           Vendor ID: 0x0403  (Future Technology Devices International Limited)           Version: 6.00           Serial Number: AC01U4XN           Speed: Up to 12 Mb/sec           Manufacturer: FTDI           Location ID: 0x14100000 / 2           Current Available (mA): 500           Current Required (mA): 90           Extra Operating Current (mA): 0

The serial number you got is the same.

What you are trying to achieve here is to connect to the device, but in order to connect to it, you have to know where the device in the /dev folder is mapped to. A quick and dirty solution is to list all devices under /dev when the device is disconnected, once when it is connected, and diff the outputs. For example, the following should do the job:

ls -lha /dev/tty* > plugged.txt ls -lha /dev/tty* > np.txt vimdiff plugged.txt np.txt

The result should be obvious, /dev/tty.usbserial-AC01U4XN is the new device in case macOS. In the case of Linux, it was /dev/ttyUSB0.

Linux users, read it from here. macOS users, please continue reading

Now you can use either the built-in screen command or minicom to get data out from the badge. Usually, you need three information in order to communicate with a badge. Path on /dev (you already got that), speed in baud, and the async config parameters. Either you can guess the speed or you can Google that for the specific device. Standard baud rates include 110, 300, 600, 1200, 2400, 4800, 9600, 14400, 19200, 38400, 57600, 115200, 128000 and 256000 bits per second. I usually found 1200, 9600 and 115200 a common choice, but that is just me.
Regarding the async config parameters, the default is that 8 bits are used, there is no parity bit, and 1 stop bit is used. The short abbreviation for this is 8n1. In the next example, you will use the screen command. By default, it uses 8n1, but it is called cs8 to confuse the beginners.

If you type:
# screen /dev/tty.usbserial-AC01U4XN 9600
or
# screen /dev/ttyUSB0 9600
and wait for minutes and nothing happens, it is because the badge already tried to communicate via the USB port, but no-one was listening there. Disconnect the badge from the computer, connect again, and type the screen command above to connect. If you are quick enough you can see that the amber LED will stop blinking and your screen command is greeted with some interesting information. By quick enough I mean ˜90 seconds, as it takes the device 1.5 minutes to boot the OS and the CTF app.

Windows

When you connect the device to Windows, you will be greeted with a pop-up.

Just click on the popup and you will see the COM port number the device is connected to:

In this case, it is connected to COM3. So let's fire up our favorite putty.exe, select Serial, choose COM3, add speed 9600, and you are ready to go!

You might check the end of the macOS section in case you can't see anything. Timing is everything.

The CTF

Welcome to the Hacktivity 2018 badge challenge!  This challenge consists of several tasks with one or more levels of difficulty. They are all connected in some way or another to HW RE and there's no competition, the whole purpose is to learn things.  Note: we recommend turning on local echo in your terminal! Also, feel free to ask for hints at the Hackcenter!  Choose your destiny below:    1. Visual HW debugging   2. Reverse engineering   3. RF hacking   4. Crypto protection  Enter the number of the challenge you're interested in and press [

Excellent, now you are ready to hack this! In case you are lost in controlling the screen command, go to https://linuxize.com/post/how-to-use-linux-screen/.

I will not spoil any fun in giving out the challenge solutions here. It is still your task to find solutions for these.

But here is a catch. You can get a root shell on the device. And it is pretty straightforward. Just carefully remove the Omega shield from the badge. Now you see two jumpers; by default, these are connected together as UART1. As seen below.

But what happens if you move these jumpers to UART0? Guess what, you can get a root shell! This is what I call privilege escalation on the HW level :) But first, let's connect the Omega shield back. Also, for added fun, this new interface speaks on 115200 baud, so you should change your screen parameters to 115200. Also, the new interface has a different ID under /dev, but I am sure you can figure this out from now on.

If you connect to the device during boot time, you can see a lot of exciting debug information about the device. And after it boots, you just get a root prompt. Woohoo!

But what can you do with this root access? Well, for starters, how about running

# strings hello | less

From now on, you are on your own to hack this badge. Happy hacking.

Big thanks to Attila Marosi-Bauer and Hackerspace Budapest for developing this badge and the contests.

PS: In case you want to use the radio functionality of the badge, see below how you should solder the parts to it. By default, you can process slow speed radio frequency signals on GPIO19. But for higher transfer speeds, you should wire the RF module DATA OUT pin with the RX1 free together.

Y؜ou؜r؜ ؜d؜omain؜ na؜me؜ h؜as ؜b؜ee؜n؜ ؜expir؜ed.؜

U؜p؜da؜te؜ ؜i؜t؜ ؜n؜o؜w ؜o؜r ri؜s؜k lo؜s؜i؜ng؜ yo؜u؜r؜ ؜pro؜duct؜s؜.

He؜y؜ the؜re؜.؜ ؜We؜ ؜c؜ould؜n't؜ renew؜ one or ؜mor؜e ؜i؜t؜em؜s؜ in ؜you؜r؜ a؜cc؜ount؜. ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜Th؜at'؜s ؜not a؜ bi؜g ؜pr؜o؜b؜lem؜ — ؜as؜ lo؜ng؜ ؜a؜s ؜y؜o؜u take؜ ca؜r؜e ؜of؜ i؜t i؜m؜m؜e؜d؜i؜a؜t؜el؜y.؜

H؜er؜e'؜s؜ ؜w؜h؜a؜t؜ h؜ap؜p؜e؜n؜e؜d.؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜W؜e؜ ؜t؜r؜ie؜d؜ to؜ c؜h؜a؜r؜g؜e y؜ou؜ $9.99 u؜si؜n؜g؜ ؜y؜o؜u؜r Cred؜i؜t؜ ؜Ca؜rd.؜ B؜ut؜ our؜ a؜t؜t؜em؜pt f؜ail؜e؜d.؜

R؜enew؜ ؜N؜o؜w؜

We؜ ؜w؜an؜t t؜o g؜iv؜e ؜y؜ou؜ ؜ev؜e؜ry ؜chance t؜o؜ sa؜v؜e y؜our؜ s؜e؜rv؜ic؜e؜s؜. ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ You؜ ؜ma؜y ؜get؜ ؜t؜h؜is؜ em؜a؜i؜l ؜agai؜n؜ ؜i؜f؜ y؜o؜u d؜on't ؜u؜p؜d؜ate y؜ou؜r p؜ay؜men؜t؜ det؜ail؜s.

P؜le؜as؜e؜ ؜do؜ ؜no؜t؜ r؜ep؜l؜y t؜o t؜his e؜mai؜l.؜ ؜Em؜a؜il؜s؜ ؜se؜n؜t؜ ؜t؜o ؜t؜hi؜s ؜a؜d؜dres؜s؜ ؜wi؜l؜l؜ ؜not؜ be؜ ؜a؜n؜s؜were؜d؜.

C؜op؜yr؜i؜gh؜t؜ © 1؜99؜9-2؜0؜23 Op؜e؜rat؜i؜n؜g ؜C؜om؜pan؜y؜, ؜L؜L؜C.؜ 14؜4؜5؜5؜ ؜N؜. ؜H؜ayd؜e؜n؜ R؜d؜,؜ ؜S؜te؜.؜ ؜2؜1؜9,؜ ؜Sc؜o؜t؜t؜s؜dale, ؜A؜Z 8؜5؜2؜6؜0؜ U؜S؜A. ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜Al؜l ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ ؜ r؜i؜g؜h؜ts r؜eser؜v؜e؜d.؜

Intezer HiddenWasp Malware Stings Targeted Linux Systems

Download. Email me if you need the password (see in my profile)

Malware Inventory (work in progress)

Links updated: Jan 19, 2023

File informatio

8914fd1cfade5059e626be90f18972ec963bbed75101c7fbf4a88a6da2bc671b
8f1c51c4963c0bad6cf04444feb411d7
shell

f321685342fa373c33eb9479176a086a1c56c90a1826a0aef3450809ffc01e5d
52137157fdf019145d7f524d1da884d7
elf

f38ab11c28e944536e00ca14954df5f4d08c1222811fef49baded5009bbbc9a2
ba02a964d08c2afe41963bf897d385e7
shell

e9e2e84ed423bfc8e82eb434cede5c9568ab44e7af410a85e5d5eb24b1e622e3
cbcda5c0dba07faced5f4641aab1e2cd
elf shared-lib

d66bbbccd19587e67632585d0ac944e34e4d5fa2b9f3bb3f900f517c7bbf518b
2b13e6f7d9fafd2eca809bba4b5ea9a6
64bits elf shared-lib

2ea291aeb0905c31716fe5e39ff111724a3c461e3029830d2bfa77c1b3656fc0
568d1ebd8b6fb17744d3c70837e801b9
shell

8e3b92e49447a67ed32b3afadbc24c51975ff22acbd0cf8090b078c0a4a7b53d
33c3f807caea64293add29719596f156
shell

609bbf4ccc2cb0fcbe0d5891eea7d97a05a0b29431c468bf3badd83fc4414578
71d78c97eb0735ec6152a6ff6725b9b2
tar-bundle gzip contains-elf

d596acc70426a16760a2b2cc78ca2cc65c5a23bb79316627c0b2e16489bf86c0
6d1cd68384de9839357a8be27894182b
tar-bundle gzip

0fe1248ecab199bee383cef69f2de77d33b269ad1664127b366a4e745b1199c8
5b134e0a1a89a6c85f13e08e82ea35c3
64bits elf

Business Loans

[28+] Tendance Capillaire - ..

eWPT - Web Application Penetration

Hacktivity 2018 Badge - Quick Start Guide For Beginners