| // This snippet intents to simulate a baby malware. | |
| // The malware upon running connects to a server, currently hardcoded as 127.0.0.1:8080 | |
| // From server, it accepts a command to be executed locally | |
| // It executes the command locally and then send back the response to the server. | |
| // Basically, just a reverse shell binary. Now when thinking about it, this could have been done in a bash one liner also 🤔 | |
| // But I had fun editing some little C code. So, cool. | |
| // to compile : gcc -o main main.c | |
| // run ./main | |
| // to run the command&control server : while true; do echo -e 'id' | nc -l 8080 ; done |
| package com.moo.myapplication2; | |
| import java.io.BufferedReader; | |
| import java.io.IOException; | |
| import java.io.InputStreamReader; | |
| public class CommandExecutor { | |
| public static String executeCommand(String command) { | |
| StringBuilder output = new StringBuilder(); |
During my preparation for eMAPT, I came across Mobile Hacking Labs - and their free hacking labs which I felt would help me for practice. So I decided to give it a try starting with the ‘Document Viewer’ challenge. Getting right into the problem.
The do give out some solid hints & right direction in the problem statement.
(image generated by DALL-E)
Embarking on the journey of Kubernetes security unveils a vast landscape, encompassing crucial elements that safeguard your containerized applications. Among the intriguing facets within this realm, we delve into pivotal sections that form the bedrock of Kubernetes security:
RBAC Mastery: Kubernetes security begins with defining who holds the keys to the kingdom. Role-Based Access Control (RBAC) empowers you to orchestrate who wields authority over kubectl, the gateway to your Kubernetes cluster. Craft roles and permissions tailored for distinct users and groups, ensuring a finely tuned control mechanism.
Secrets Safeguard: The cloak of security extends to shielding your application's secrets. In the digital realm, secrets are akin to treasures — pa
| import pyautogui | |
| import random | |
| import time | |
| while True: | |
| current_x, current_y = pyautogui.position() | |
| # Generate random x and y coordinates around the current position | |
| new_x = current_x + random.randint(-5, 5) | |
| new_y = current_y + random.randint(-5, 5) |
| ; Egg Hunter | |
| ; Author: Aditya Chaudhary | |
| ; Date: 20th Jan 2019 | |
| global _start | |
| section .text |
| package main | |
| import ("fmt" | |
| "encoding/json" | |
| "os" | |
| "bufio" | |
| "bytes" | |
| ) | |
| #include <stdio.h> | |
| #include <sys/types.h> | |
| #include <unistd.h> | |
| int main(void) | |
| { | |
| printf("My UID is: %d. My GID is: %d My EUID is: %d. My EGID is: %d \n", getuid(), getgid() , geteuid(), getegid()); | |
| system("/usr/bin/id"); | |
| setuid(geteuid()); | |
| printf("My UID is: %d. My GID is: %d My EUID is: %d. My EGID is: %d \n", getuid(), getgid() , geteuid(), getegid()); | |
| system("/usr/bin/id"); |
| // Author : Mohammed Ajmal | |
| // github.com/cooliscool | |
| // GNU Public License | |
| <?php | |
| if(isset($_GET['v'])){ | |
| // $download = exec('youtube-dl '.$_GET['v']); | |
| $comm = 'youtube-dl '.$_GET['v'].' 2>&1'; |
| import time | |
| import requests as g | |
| import csv | |
| port= 8089 | |
| hostname='localhost' | |
| latDegToMet = 111000 | |
| metToFeet = 3.28084 | |
| radToDeg = 180/3.14159 |
