Overwriting MBR

We have all come across malware which overwrites the Master Boot Record (MBR) of a machine, leaving it unbootable. The code required to overwrite the MBR is surprisingly simple. We will first need to open a write handle to the physical device using the CreateFile API. The MBR is stored in the ...

FLARE-On 6 - Solve vv_max by hand

After looking at the published solutions for FLARE-On 6, I realised that for challenge 11, vv_max, most people used a script to either reverse the AVX functions or to brute force it. My approach was different, I made use of memory breakpoints strategically placed at the address of the arrays to ...

Tips for winning SANS CTFs

Over the past 3 years, I have attended 3 SANS courses and participated in 3 NetWars events. I have won the challenge coin for every event I participated in. I hope this gives a bit more credibility to the tips that I am about to share. The SANS Challenge on the last day differs depending on the ...

WP Like Button 1.6.0 - Auth Bypass

Exploit Title: WP Like Button 1.6.0 - Auth Bypass Date: 05-Jul-19 Exploit Author: Benjamin Lim Vendor Homepage: http://www.crudlab.com Software Link: https://wordpress.org/plugins/wp-like-button/ Version: 1.6.0 CVE : CVE-2019-13344 1. Product & Service Introduction: WP Like button allows you to ...

POFMA: Straits Times spreading Symantec's lies

In the wake of the SingHealth hack, Symantec published a report titled "Whitefly: Espionage Group has Singapore in Its Sights". The report was carried by the Straits Times in an article titled "SingHealth hackers 'have targeted others here too'". On the surface, it seems perfectly normal. ...

On the Cybersecurity Act

Let us take a look at the Cybersecurity Act 2018 and see how it affects professionals in the industry. I believe it is a good first step, however more can be done in terms of enforcement as well as to ensure better wording of the law. 1 2 3 4 5 6 7 8 9 10 11 12S2 Interpretation “cybersecurity” ...