Imagine a library where anyone can write in a guestbook. A stored XSS attack is like someone writing a hidden, harmful message in the guestbook that, when read, causes the reader's pen to write down their personal details on a separate sheet that the attacker can access. The readers are unaware that their information is being stolen while they are simply interacting with what they believe to be a safe guestbook.
There are three main types of Cross-Site Scripting (XSS) vulnerabilities:
Stored XSS: Also known as persistent XSS, this type occurs when malicious script is permanently stored on the target server, such as in a database, message forum, or comment field. The script is executed every time a user accesses the affected content.
Reflected XSS: This type occurs when a malicious script is reflected off a web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request. It is delivered to users via another route, such as an email or a web link.
DOM-Based XSS: This type occurs when the vulnerability exists in the client-side code rather than the server-side code. The payload is executed as a result of modifying the DOM environment in the victim's browser, causing client-side script to run differently.
The walkthrough provided is covering Stored XSS. In this scenario, the payload is injected into the Name parameter on the Contact page of the WordPress site using the "Participants Database" plugin. When this data is stored and subsequently displayed to users or administrators, the malicious script executes, demonstrating the persistent nature of stored XSS vulnerabilities.
VPN slowing you down? OpenVPN is fantastic for privacy, but if you need speed, it's not the best protocol option. Enter WireGuard: lightweight and fast. That's why NordVPN's NordLynx is built on WireGuard; it's a game-changer. Setting up a VPN client on an edge router, like the Unifi Dream Machine, allows the entire network traffic to benefit so great - let's do that! There's only one problem: NordVPN doesn't currently provide easy config files.
The solution: Generate the configuration on a Linux machine and use those details to set up NordLynx on your router. This guide will walk you through the process by first installing NordVPN on a debian-based Linux VM (Parrot Security OS) and then using that configuration to set up NordLynx on a Unifi Dream Machine.
The following is a combination of notes, research, and knowledge acquired from a malicious traffic analysis course. The focus of this post is on identifying malicious activity in Wireshark. For basic Wireshark setup and tips for filtering, check here.
Note: A good rule of thumb in terms of physical requirements is that whatever the pcap size is, you should have four times that amount of RAM available.
By applying the filter below, you will display packets with TCP flag combinations not included in the normal set, helping to identify potential anomalous activity.
When to use: When you need detailed information quickly and stealth is not a concern.
Consideration: This method generates a lot of traffic and is likely to be detected by IDS/IPS systems.
During Apple's transition to ARM architecture, there were significant challenges with VM compatibility due to the differences between ARM and x86 architectures. While ARM Assembly has been prevalent in devices like Raspberry Pis and other IoT devices, its introduction to personal computers like desktops and laptops is relatively recent. This transition prompted many cybersecurity and IT educational institutions to adapt their VM labs. To address compatibility issues, some institutions shifted from using downloadable .ISO files to web-based environments, utilizing tools like Cockpit and KVM for easier management and deployment of virtual machines. However, not all institutions have made this shift, necessitating a different solution for this student. Switching to a PC was not an option so I decided to host my VMs on a server connected to my local network.
Initially, I tried using Cockpit and KVM, but the setup didn't meet my needs. The web browser interface didn't provide enough screen real estate, and I wanted the ability to have separate VMs that could each be full-screen workspaces, not confined to the browser. I needed something more robust—a type 1 hypervisor.
I had loved using VMWare Fusion, but the Broadcom takeover turned me away. The customer experience for downloading any VMWare tools/products was frustratingly difficult. Thus, ESXi was not an option. Eventually, I landed on Proxmox—an open-source type 1 hypervisor that operates similarly to ESXi but without the headaches. Below is the process for installing the system and links to each of the VMs I chose to add to my lab environment with their individual setups.
The following guide provides a walkthrough for setting up a web server on a local network using Nginx. This guide assumes you are using Ubuntu or another debian-based flavor of Linux as your operating system.
Airgeddon is essentially a Swiss Army knife for wireless network auditing, without the risk of nicking your fingers. It's a multi-use bash script that does everything from monitoring to cracking Wi-Fi networks, offering several tools wrapped in one streamlined interface. Trusting your network security to luck is like using a paper umbrella in a hurricane— optimistic, but impractical. This post will focus on the use of Airgeddon to poke at your Wi-Fi networks and then implement more secure practices that will harden your Wi-Fi, saving the paper umbrella for a mai tai.
This covers the setup of Airgeddon in a Docker container and the usage of various plugins to enhance your wireless network testing and auditing capabilities. Ensure to follow legal and ethical guidelines while using these tools.
The following is a basic setup for implementing rsyslog on your local network. Setting up logging is highly specific to a specific user/network needs so this is just to get started and consider some basic security best practices.
Customizing my shell significantly enhanced my productivity, made my workflow more efficient and made content more readable. With a tailored shell environment, you can streamline tasks, reduce repetitive actions, and access powerful features that improve your overall user experience. In this walkthrough, I'll be going through the steps I took to set up a customized Zsh shell using zinit as the plugin manager.
# Load zinitsource~/.zinit/bin/zinit.zsh
# On a Linux box, you won't need this next line, but if you're on macOS, you may need to source autojump so you can uncomment this: # [[ -s /opt/homebrew/etc/profile.d/autojump.sh ]] && source /opt/homebrew/etc/profile.d/autojump.sh# Load Oh My zsh
zinitlightohmyzsh/ohmyzsh
# Load the theme
zinitlightromkatv/powerlevel10k
# Load plugins
zinitlightzsh-users/zsh-autosuggestions
zinitlightzsh-users/zsh-syntax-highlighting
zinitlightzsh-users/zsh-completions
zinitlighthcgraf/zsh-sudo
zinitlightwting/autojump
zinitlightael-code/zsh-colored-man-pages
It turns out this is such a common occurance, there's a shortcut for when it happens. Rather than punching that up arrow, CTRL+A to the beginning, you can just sudo !! and it will apply sudo to whatever your last command was.
This sounds like common sense, but it turns out that I'm not alone in sometimes getting caught up in what I thought the error was that if I'd just read the error output, it would have led me to the issue quicker.