Zip Bombs II: Quine Bombs

Zip Bomb

In last week’s post I introduced the zip bombs and explained how to create a zip bomb using the recursion technique. I recommend that you take a look at it if you haven’t already done so.  In this new entry I’m going to introduce the Quine Bombs.  Quine Programs In computing, a “quine” program is … Read more

Zip Bomb I: Nested bombs

Zip Bomb

When a file is compressed, its size is reduced. It’s based on a simple principle: if you have a file with the text “aaaaaabbb”, which is 9 characters long, you could reduce the size by saving it as “6a3b”. Using this rudimentary algorithm, you can decompress the compressed file by multiplying the character that follows … Read more

Cross-Site Scripting: XSS Injection

Cross-Site Scripting: XSS Injection

After the posts about SQL Injection and NoSQL Injection, today I bring you the XSS Injection. This attack consists of injecting malicious code into benign web pages. The attacker injects code from the client side, so that for a bad configuration of the website, this code is shown to other users. This type of attack … Read more

noSQL Injection

noSQL Injection

In previous posts I have talked about SQL injections. It is usually the first example of computer security that is given to a student: ” ´ or 1 = 1 — a “ However, this is only useful for servers that use relational databases, such as MySQL, MSSQL, Oracle. In the last decade another type of … Read more

WordPress Shielding

Wordpress Shielding

As time goes by this domain gets bigger and bigger… Thanks to you! With less than a year of life, Google Analytics has notified me that in March I surpassed the one thousand monthly users.  This is great news, but at the same time it has made me think that I should retouch a couple … Read more

Google Hacking

Google Hacking

Google is one of the most famous search engines in the world. However, searching Google is an art that many people don’t quite understand. And a case apart are those who prefer to ask you rather than do a simple google search. Luckily, there are awareness pages like lmgtfy Do you want to know how … Read more

Physical hacking with USB

Physical hacking with USB

Have you ever been told that if you find a USB stick on the floor, you shouldn’t put it in your computer? Today I’ll show you through a proof of concept why you shouldn’t do it. In this post we will see how to create a malicious USB that can infect a computer in seconds. … Read more

The art of breaking a hash (Hashcat)

The art of breaking a hash (Hashcat)

In this other post I talked about passwords and the conditions that must be met to be considered secure. However, if we enter the world’s strongest password on an insecure site, an attacker who has access to the database will be able to obtain it no matter how long or complicated it is. The question … Read more