Brute-forcing passwords with Hydra

Hello, In this article you will find the solutions for the Hydra room on Try Hack Me. Link: https://tryhackme.com/room/hydra Almost every bruteforcing or cracking task from HackTheBox/TryHackMe uses the rockyou.txt wordlist. You can google it and download it, if you can’t find it in your Kali distro under the path /usr/share/wordlists/rockyou.txt.gz If you’re using Kali then you have Hydra already … Read more

Ghidra Scripting: Annotating Linux system calls

I had some fun this weekend messing around with Ghidra. Having such a powerful tool for free is truly a game changer. To start scripting in Ghidra, I downloaded the latest Eclipse for Java Developers Version: 2019-09 R (4.13.0), Ghidra and Open JDK, I believe any JDK version 11+ will work. After downloading the JDK, extract the zip, put it … Read more

Installing MIASM on macOS

I’ve been reading the MIASM.re blog recently and I wanted to give miasm a try. The scope of this article is to provide guidance on how to build miasm on macOS and introduce miasm to my readers. Miasm is a free and open source (GPLv2) reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is … Read more

Format String Exploit

Hello and welcome to Nucu Labs agent!  We’ve been contracted by some external contractors to help them break…, I mean, assist them in making their life easier with their “competition”. We obtained their competition’s software from a poorly configured AWS server. Their competition, X, uses the software in order to setup a private communication channel to their servers, the software … Read more

Practical Binary Analysis | No Starch Press

I started reading this book in november and it took me about two weeks to finish it. You should be a bit comfortable Linux and programming if you plan to give it a try. Here are my thoughts about it. What I like the most about this book is that it explains the subject in a straightforward and concise way! The … Read more