As promised, yesterday afternoon I uploaded to YouTube the video recording of my talk from the first day of SEConference in Kraków, in which I talked about the "internals" of the ZIP format (there were also quite a few demos).
Video: http://www.youtube.com/watch?v=BsFqI8BZ-U0
Slides: http://goo.gl/iU1aT
As for the second day, the video/slides are linked in this post.
And that's it.
// copyright © Gynvael Coldwind
// design & art by Xa
// logo font (birdman regular) by utopiafonts / Dale Harris
/* the author and owner of this blog hereby allows anyone to test the security of this blog (on HTTP level only, the server is not mine, so let's leave it alone ;>), and try to break in (including successful breaks) without any consequences of any kind (DoS attacks are an exception here) ... I'll add that I planted in some places funny photos of some kittens, there are 7 of them right now, so have fun looking for them ;> let me know if You find them all, I'll add some congratz message or sth ;> */
Vulns found in blog:
* XSS (pers, user-inter) by ged_
* XSS (non-pers) by Anno & Tracerout
* XSS (pers) by Anno & Tracerout
* Blind SQLI by Sławomir Błażek
* XSS (pers) by Sławomir Błażek
Comments:
Regards.
Wishing you lots of success! Best regards