Unk9vvN

Turkey to build mini submarine

Turkey plans to start construction of the first hull of a near-sea diesel-electric submarine this year.The STM500 project submarine will be the smallest boat built by Turkey. TTX: Displacement - 540 tons, length - 42 m, width - 8.5 m, maximum speed - 18 knots, economical speed - 5 knots, immersion depth - up to 250 m, cruising range - 3500 miles, crew - 18 people, autonomy - 30 days.Armament: 4 torpedo tubes (8 torpedoes,…

Read More

“#Hash Length Extension Attack” on YouTube

#Hash Length Extension AttackLEA vulnerability occurs when algorithms such as md5, sha128, sha256, sha512 are used to create a Signature.  Also add the data you want, for example if a vulnerable hash function (such as md5, sha-256) is used to create an Access Token with the guest access level as shown below,t1 = hash (secret + "_guest") + "_guest"You can create an admin token without having a secret (as described above).  This token is created…

Read More

#SQL_Injection #GBK Character Encoding

One of the most widely used SQL Injection vulnerability protection functions is the addslashes () function. This function takes an input and if it sees characters like '' \ 'and ... in the input sentence, it puts a \ before these characters. One way to bypass this function is to use the GBK encoding character, this encoding character is made for Chinese characters and we can use this bypass when the ability to support this…

Read More

Israel’s water reservoir  infiltrated by Iranian hackers

[Forwarded from Quds Force News] Israel's water reservoir  infiltrated by Iranian hackers (as covered by Treadstone 71 https://cybershafarat.com/2020/11/29/israels-yoav-water-reservoir-has-been-infiltrated-iranian-hackers/) On November 29, 2020, an Iranian hacker team called Unidentified TEAM announced on its Telegram channel that they had been able to infiltrate Israeli water facilities. And this was access to the yard so much that it was possible to change the water temperature and water pressure and cut off and turn on the tanks. Upon noticing…

Read More

Mobile Hacking Cheatsheet

#Mobile Hacking #Cheatsheet داشتن Cheatsheet در امر پیاده سازی مراتب تست نفوذ , یک امر مفید و بهینه ای هستش, از این رو دو عدد Cheatsheet در خصوص مراحل پیاده سازی و آماده سازی تست نفوذ برنامه های اندرویدی و iOS براتون پست میکنم که استفاده کنید, در Cheatsheet مختص به سیستم عامل اندروید تمامی روش های Bypass SSL Pinning هم ذکر شده و نام ابزارهای مختلف مورد استفاده هم آمده است, همینطور در خصوص…

Read More

CSV Injection

https://sites.google.com/site/bughunteruniversity/nonvuln/csv-excel-formula-injection خب اول از همه کمی با فرمول های اکسل اشنا بشیم که چطور میشه که میتوان برای این برنامه فرمولی رو نوشت برای مثال به فرض کنید 2تا خونه داریم در ستون A در فیلد اول ستون عدد 5 و در فیلد دوم ستون عدد 6 قرار داره و باز در ادامه ما با یک فرمول مقادیر این دو خونه رو جمع میزنیم _|__A___| 1|_____5| 2|_____6| 3|=A1+A2| خب در فرمول بالا میبینید که دو…

Read More

Bind Netcat & Spoof Extention & BypassAVs

[wpvideo XAS6S52l]   "A demo on how to bind a JPG file to a JPG file and spoof the Extention file will be the format of the corresponding file and Bypass Antivirus. The feature of this method is that the scenario is very delicate and at the same time described as having a somewhat low performance."

Read More