Showing posts from April, 2021

Narnia 1 - OverTheWire - Updated Walkthrough

Narnia 1 is about teaching you to write, inject and use ShellCode.

*NOTE - this tutorial is for programmers like me, that just learn some web programming, maybe having fun with some hacking etc., no idea about C or assembler. If you're a computer science deg. this might be wwaayy oversimplifying, and therefore it's not for you. The main purpose of this tutorial is not HOW to solve narnia1, but to UNDERSTAND how to solve it a-z.

What's ShellCode? It's a crafted piece of code, usually meant for a shell, usually binary code (in hex representation, called Object Code).

So as stated there are 3 stages here: write, inject, run. I'll start from the last.

RUN YOUR SHELLCODE

Well, in order to run your shellcode, you need to know where the exploit is, and adapt the code to that, so let's open narnia and let's see the exploit in "narnia1.c":

    ret = getenv("EGG");
    ret();

Well, what's "ret"? It is defined "int (*ret)();"

CTF365 Security Shepherd Walkthrough - No Spoilers Just Hints

Hopefully, let's try to do all of the CTF365 Security Shepherd lessons and challenges, and help everybody with all they need, but no spoilers. That doesn't mean you don't need to do your learning: if I didn't write something, that means (a) learn the topic (b) read instructions.

A simple way to work through is installing burp-suite CE and making it work with SSL, but I'll try to also teach, where possible, how you can use other tools.

LESSONS

*Any lesson with an asterisk [*] in its name means that it would have been easier with burp, just altering the request. [need to install cert. etc.]

Broken Session Management*
The session is managed via cookies, which can be changed via Chrome Dev Tools (F12) -> Application tab -> Storage -> Cookies. (maybe you must click the button 1st)

Cross-Site Request Forgery
After putting a value in the box and submitting, right-click and Inspect-Element the image. You must put a full url i.e. https://..... try put a funny image

Copy SharePoint Online List with Data (with list items) to another site

We have PNP!!! Using this post, and upgrading it to the new PNP, these are the results:

1. Make variable $listName = "listTitle" (hebrew works :))
    $listName = "קריאות לבאטמן"
2. Make variable $templateName = "c:\template\HR-listTemplate" (or another path)
    $templateName = "c:\template\BAT-listTemplate"
3. Connect to SiteA
    Connect-PnPOnline -Url "https://tenant.sharepoint.com/sites/SiteX/SiteA"
4. Get list template
    Get-PnPSiteTemplate -Handlers Lists -ListsToExtract $listName -Out ("{0}.xml" -f $templateName)
5. Get items to that same file (peep to the xml file)
    Add-PnPDataRowsToSiteTemplate -path ("{0}.xml" -f $templateName) -List $listName -Query '<view></view>'
6. Connect to SiteB
    Connect-PnPOnline -Url "https://amymetom1.sharepoint.com/sites/AmyPortal2"
7. Provision the list
    Invoke-PnPSiteTemplate -Path ("{0}.xml" -f $templateName)
8. Go to site content and be pr

SharePoint Modern Site copy/save Theme to another site

In case you provisioned a beautiful site with the PNP services of SharePoint LookBook, and you liked it, but wanted to take it out to another site... Well, MS did not yet give us a way to save/copy a Theme... just a lot of ways to upload ones...

I tried so much downloading a site template with

    Get-PnPProvisioningTemplate
    Get-PnPSiteTemplate
    Invoke-PnPSiteTemplate

All failed for so many reasons...

BTW (1) don't change the name of the .pnp file, and if you get some "access denied" error, either become global admin, or use "-ExcludeHandlers" (I needed Fields, Files, Lists, Pages)

Anyways... how I got it working:

1. I used this endpoint to get the actual palette
    https://tenant.sharepoint.com/sites/NewEmployeeOnboardingNew/_api/SP.Web.GetContextWebThemeData
2. And extracted the data according to this MS article while converting the RGB to HEX code made in html/js in the end
3. I uploaded the theme to the Tenant With SPO services, for some reason, you can't connec