学习道德黑客和逆向工程

Learn Ethical Hacking & Reverse Engineering

您还未登录,请点击这里登录

上一讲： 2. Patching with Jumps

下一讲： 1. Introduction to cracking gui-based programs

视频列表

1. [new] Introduction
1. Introduction
2. Registering for an account with defendtheweb.net
3. How to use this Guide
2. [new] Intro Levels
1. Intro 1 (Client code information leak)
2. [NEW] Intro 2 (HTML tag information leak)
3. Intro 3 (Javascript code information leak)
4. Intro 4 (Path traversal vulnerability)
5. Intro 5 (Javascript prompt() function information leak)
6. [NEW] Intro 6 (Client code modification vulnerability)
7. [NEW] Intro 7 (robots.txt data leak vulnerability)
8. Intro 8 (Path traversal vulnerability)
9. Intro 9 (Client code modification vulnerability)
10. Intro 10 (Javascript code exposure and decryption)
11. Intro 11 (File redirection vulnerability)
12. Intro 12 (MD5 decryption)
3. [new] 24-bit (File extension manipulation exploit)
1. 24-bit (File extension manipulation exploit)
4. [new] Word of PeacecraftRealistic (Dumpster diving for emails)
1. World of PeacecraftRealistic (Dumpster diving for emails)
5. [new] Secure Agent (Browser Spoofing)
1. Secure Agent (Browser Spoofing)
6. [new] Crypt1Crypt (Reverse encryption)
1. Crypt1Crypt (Reverse encryption)
7. [new] Beach (Steganography analyis)
1. Beach (Steganography analyis)
8. [new] Squashed imageStego (Cracking steganography)
1. Squashed imageStego (Cracking steganography)
9. [new] HTTP MethodIntro (HTTP POST exploit & Bypass CSRF-token protection)
1. HTTP MethodIntro (HTTP POST exploit & Bypassing CSRF-token protection)
10. [new] Library GatewayRealistic (Javascript code exposure vulnerability)
1. Library GatewayRealistic (Javascript code exposure vulnerability)
11. [new] SidIntro (Cookie tampering to bypass login)
1. SidIntro (Cookie tampering to bypass login)
12. [new] Crypt2Crypt (Cracking Caeser Cipher encryption)
1. Crypt2Crypt (Cracking Caeser Cipher encryption)
13. [new] Crypt3Crypt (Decoding Morse Code)
1. [NEW] Crypt3Crypt (Decoding Morse Code)
14. [new] SQLi1SQLi (Bypassing login page password using SQL Injection Attack)
1. SQLi1SQLi (Bypassing login page password using SQL Injection Attack)
15. [new] Recon (Information gathering skills, including B6-Key)
1. Recon (Information gathering skills, including B6-Keys)
16. [new] Crypt4Crypt (Decrypting ciphertext using online decryptors)
1. Crypt4Crypt (Decrypting ciphertext using online decryptors)
17. [new] Map It (Portscanning and gaining remote access)
1. Map It (Portscanning and gaining remote access)
18. [new] Crypt5Crypt (Reverse & Decrypt ciphertext using online decryptor)
1. Crypt5Crypt (Reversing & Decrypting ciphertext using online decryptors)
19. [new] SQLi (Hacking admin username & password using SQL Injection Attack)
1. [NEW] SQLi2SQLi (Hacking admin username & password using SQL Injection Attack)
20. [new] Princess SlagRealistic (Directory traversal & null byte attacks)
1. [NEW] Princess SlagRealistic (Directory traversal attack & null byte attacks)
21. [new] Xmas '08Realistic (Website defacement attacks)
1. Xmas '08Realistic (Website defacement attacks)
22. [new] Planet BidRealistic (Password reminder exploits)
1. Planet BidRealistic (Password reminder exploits)
23. [new] Access Logs (Log Injection Attack)
1. Access Logs (Log Injection Attack)
24. [new] Sandra Murphy (XML Injection Attack)
1. Sandra Murphy (XML Injection Attack)
25. [new] AlphabetizeCoding (Using Javascript to defeat countdown timer)
1. AlphabetizeCoding (Using Javascript coding to defeat countdown timer)
26. [new] AliensStego (Decoding wav files to extract passwords)
1. AliensStego (Decoding wav files to extract passwords)
27. [new] Custom EncodingCoding (Decryption & hacking website countdown timer)
1. Custom EncodingCoding (Decryption & hacking website countdown timer)
28. [new] Missile codesForensics (Analyze & extract data from disk images)
1. Missile codesForensics (Analyzing and extracting data from disk images)
29. [new] Captcha1CAPTCHA (Hacking Captcha using OCR and AutoIt)
1. Introduction to Captcha1 challenge
2. Downloading and Installing an OCR software
3. Using Abby (OCR tool) to convert image to text
4. Download and install AutoIt (Automation tool)
5. Using AutoIt
30. [new] Captcha2CAPTCHA (Hack Captcha with node.js, imagemagick & AutoIt )
1. Intro to Captcha2 challenge
2. Collecting key images
3. Splitting the captcha image into 15 sample files
4. Installing node.js
5. Intro to Node.js
6. Using node.js to decode captcha image
7. Using AutoIt to defeat countdown timer
31. [new] Captcha3CAPTCHA (Using Python to hack Captcha )
1. Introduction to the Captcha3 challenge
2. Installing and Using Python
3. Installing Pillow library for Python Image Manipulation
4. Collecting key images
5. Splitting the captcha3 sample using python
6. Creating nodejs script to decode captcha sample images
7. Using AutoIt to automate tasks and defeat timer limitation
32. Introduction to Software Cracking with crackme's
1. Introduction to crackme's
33. Introduction to x64dbg and Detect it Easy (DIE)
1. Downloading and installing x64dbg and Detect It Easy (DIE)
34. Setting up your cracking workspace and workflow
1. Setting up your cracking workspace and workflow
35. Debugger Stepping Basics
1. Debugger Stepping Basics
36. Stepping Into Calls
1. Stepping Into Calls
37. Breakpoints
1. Breakpoints
2. Setting Breakpoints on Strings
38. Reversing Jumps
1. Reversing Jumps
39. How to patch a program
1. How to patch a program
2. Patching with Jumps
40. Summary of Cracking Software Workflow
1. The 5 steps of cracking software
41. Introduction to cracking gui-based programs
1. Introduction to cracking gui-based programs
42. Analyzing the PE for a gui-based program
1. Analyzing the PE for a gui-based program
43. Crack the Serial Key using BP on strings
1. Setting up x64dbg
2. Crack the Serial Key using BP on strings
44. Windows api functions & the stack
1. Window api functions
2. Pushing parameters to the stack
45. Patching to bypass wrong serial key message
1. Patching to bypass wrong serial key message
2. Bypassing using xor assembly
46. Bonus Lecture
1. Bonus Lecture