HackDig : Dig high-quality web security articles

BSidesSF CTF 2021 Author writeup: Hangman Battle Royale, where you defeat 1023 AI players!

Hi Everybody! This is going to be a challenge-author writeup for the Hangman Battle Royale challenge from BSides San Francisco 2021. This is actually a reasonably simple challenge, overall. I got the idea of using a bad mt19937 implementation (the Mersenne Twister PRNG used by Ruby and Python) from SANS Holiday Hack Challenge 2020 (which is still online if y
Publish At:2021-03-16 15:34 | Read:552 | Comments:0 | Tags:Crypto CTFs Default Random CTF

Is your webcam or baby monitor video feed being streamed to this website?

In 2013, a cyber creep took over a baby monitor to spy on a 2-year-old Texas girl, to broadcast obscenities at the child, to swivel the camera so as to watch her shocked parents as they came in, and to then call the parents insulting names. Her father was shocked. Both the router and the IP camera were password-protected, he said, and the firewall was enabled
Publish At:2014-11-10 06:10 | Read:4312 | Comments:0 | Tags:Featured Law & order Privacy default Insecam internet-enable

Asseco SEE iBank FX Client

The application has an elevation-of-privilege vulnerability: a simple user can replace the executable file with a binary of choice. The vulnerability exists due to improper permissions, with the ‘F’ flag (full) for the ‘Everyone’ and ‘Users’ groups, for the ‘RichClient.exe’
Publish At:2014-08-13 01:55 | Read:5276 | Comments:0 | Tags:Internal asseco binary client default escalation everyone fx