The number 1 threat according to the owasp top 10 list are injections. Among them is the SQL Injection.
An SQL Injection abuses bad sanitation to inject malicious SQL code into a web server or web application.
Zanidd
Advertisements
Cross Site Scripting (XSS) – Explained
Cross Site Scripting is one of the top dangers in a modern web application. In order to exploit this vulnerability, an attacker has to “inject” malicious javascript code into the site.
Integer Overflow – Explained
An Integer Overflow is an attack used by hackers and security specialists that abuse the properties of signed and unsigned integers.
Google CTF – Beginners Quest
This year, google held a CTF competition. The qualifying for the CTF was called “beginners quest” and features miscelaneous challenges. It even has a story line.
The story is about getting a cake (that is hopefully not a lie) from a smart fridge. And in your quest to delicious glory you have to solve multiple challenges, including but not limited to:
- crypto (easy crypto)
- reverse engineering and binary exploitation
- crack password protected zips
- privilege escalation/ dirty cow
- fridge hacking
It is a non linear challenge which means, you have three different paths to solve it, and the ability to traverse from one path to the other at specific points:
You can watch me solve a path and gain the delicious cake that is waiting at the end. Or is it?