tychebe (37)in #security • 8 years ago11tychebe (37)in #security • 8 years agowefafae213tychebe (37)in #security • 8 years agoaztychebe (37)in #security • 8 years ago12421412542sergsrehtserg21312gaesrgtychebe (37)in #security • 8 years ago2354u654245u6543121tychebe (37)in #security • 8 years agosetresuid() function□ SET Real uid, Effective uid, Saved set-User-ID □ Function that modifies a process's "real UID", "effective UID" and "saved set-user-ID" □ Unprivileged process configures…tychebe (37)in #security • 8 years agoerrno variable□ Global variable that stores the cause of a error when a function is executed □ Return value can only check whether an error occurred □ If there is no error, 0 is stored.…tychebe (37)in #security • 8 years agoNebula level02 solution□ Aim : Execute getflag command with flag02 account and check the message "You have successfully executed getflag on a target account" □ Vulnerability : Refer the…tychebe (37)in #security • 8 years agoasprintf function□ allocated string printf □ It is function of GNU extensions(No C or POSIX) □ int asprintf(char **strp, const char *fmt, ...) □ It prints the contents of fmt to the strp. As…tychebe (37)in #security • 8 years agoNebula Level02 hint[Hint#1] Sticky bit is configured in the flag02 file. [Hint#2] If you execute the flag02 file, You can see the upper result that includes value of USER…tychebe (37)in #security • 8 years agoDifference between su and su -□ "su" constitutes authority and minimum environment variables, such as the root account □ "su -" constitutes almost same environment as login shell of the root account □…tychebe (37)in #security • 8 years agodifference between sudo and su□ su(substitute user) ○ This linux command allows a user to log in as another user Without log out ○ "su" without parameter is same as "su root"(=Login as root) ○ Account…tychebe (37)in #security • 8 years agoMethod of changing group password policy(group ↔ gshadow)□ If the group password policy is changed to gshadow, each group's password of group file is changed to x □ grpconv : It is linux command to change password policy(group →…tychebe (37)in #security • 8 years agoMethod of changing password policy(passwd ↔ shadow)□ When linux is installed, like the picture above, there is a case that the password is stored in the passwd file □ If the password policy is changed to shadow, each account's…tychebe (37)in #security • 8 years agoCyber operation#1 (To construct a sniffer system)□ General situation ○ You are a information security team leader of a corporation ○ Following orders of CISO, you establish plans, organize TFs and build up systems ○ The…tychebe (37)in #security • 8 years agoMethod of killing all processes of the current shell□ ps | awk '{print $1}' | xargs kill -9 ○ ps : It prints the running processes ○ | awk '{print $1}' : It prints the first column of the result of ps(=pid) ○ | xargs kill…tychebe (37)in #security • 8 years agoControl panel(.msc) run command list□ gpedit.msc : To execute group policy □ printmanagement.msc : To execute print management □ rsop.msc : To execute result set of policy □ secpol.msc : To execute local…tychebe (37)in #security • 8 years agoControl panel run command list□ control : To execute Control panel(=C:\Windows\System32\control.exe) □ appwiz.cpl : To execute programs and features □ control admintools : To execute administrative tools…tychebe (37)in #security • 8 years agoWindows run command listcalc : To execute calculation charmap : To execute Character map cleanmgr : To execute disk cleanup manager cmd : To execute command prompt control : To execute control…tychebe (37)in #security • 8 years agoWindows Explorer shortcuts list□ Alt + ← : To go back □ Alt + → : To go forward □ Alt + ↑ : To go to the parent directory □ Alt + Enter : To check selected file(or directory)'s properties □ Alt + D : To…