Probabilistic data structures to estimate cardinalities and frequencies of massive streams

Posted on Mi 20 Juli 2016 in BigData • Tagged with LogLog-Count, Count-Min-Sketch, Linear Count, Big Data, Stream ProcessingLeave a comment

In the following blog post we will introduce three different Big Data algorithms. More specifically, we will learn about probabilistic data structures that allow us to estimate cardinalities and frequencies of elements that originate from a massive stream of data. This blog post is heavily inspired by a the well written article on probabilistic data structures for web analytics and data mining. I will not cover the mathematics behind those data structures, the beforementioned blog post does that much better. And if not, then you should probably consult the original ...

Continue reading

What other package managers are vulnerable to typo squatting attacks?

Posted on Do 30 Juni 2016 in Security • Tagged with security, Typosquatting, nuget, cargoLeave a comment

In my last blog post about typosquatting package managers I discussed my findings about attacking the programming language package managers from rubygems.org, PyPi and npmjs.com.

This blog contribution generated quite some interest and people subsequently asked themselves whether other package managers might also be vulnerable to this hybrid attack (typosquatting involves a technical and psychological attack vector). During the time I wrote my thesis, I encountered some other package managers. A very good overview of some of the most recent package managers gives the github showcase page about ...

Continue reading

Typosquatting programming language package managers

Posted on Mi 08 Juni 2016 in Security • Tagged with PyPi, Npmjs.com, rubygems.org, security, TyposquattingLeave a comment

Edit: It seems that the blog post and the thesis caused quite some interest. Please contact me under the following mail address, since my mail server on this VPS is constantly down :/ tschachn [|[at]|] hu-berlin [[|dot|]] de

In this blog post I will show how:

  • 17000 computers were forced to execute arbitrary code by typosquatting programming language packages/libraries
  • 50% of these installations were conducted with administrative rights
  • Even highly security aware institutions (.gov and .mil hosts) fell victim to this attack
  • a typosquatting attack becomes wormable by mining the ...
Continue reading

Nebula Wargame walkthrough Level 10-19

Posted on Di 29 September 2015 in Wargames • Tagged with Linux, Programming, Security, Problem SolvingLeave a comment

Walkthrough of nebula wargame from level 10 to level 19

Continue reading

Nebula Wargame walkthrough Level 0-9

Posted on Mo 28 September 2015 in Wargames • Tagged with Linux, Programming, Security, Problem SolvingLeave a comment

In this blog post we will walk through the solutions of the levels 0 to 9 of the Nebula wargame, which is hosted on http://exploit-exercises.com. This writeup will force me to memorize commands better and exercise a bit. I fear that this writeup is of no use for other people, since you hopefully want to solve those exercises on your own :)

Level 0 - Finding setuid programs in the filesystem

As the descriptions states you need to find a setuid binary that gets a shell for the flag00 user ...

Continue reading

Solution for wargame natas19

Posted on Di 15 September 2015 in Php • Tagged with Python, Wargames, Php, SecurityLeave a comment

Hi everyone

I am still trying to solve wargames on overthewire. Level 19 proofed to be very similar to level 18, where server side code looks something like the following:

<?

$maxid = 640; // 640 should be enough for everyone

function isValidAdminLogin() { /* {{{ */
    if($_REQUEST["username"] == "admin") {
    /* This method of authentication appears to be unsafe and has been disabled for now. */
        //return 1;
    }

    return 0;
}
/* }}} */
function isValidID($id) { /* {{{ */
    return is_numeric($id);
}
/* }}} */
function createID($user) { /* {{{ */
    global $maxid;
    return rand(1, $maxid);
}
/* }}} */
function debug($msg) { /* {{{ */
    if(array_key_exists("debug", $_GET)) {
        print "DEBUG: $msg";
    }
}
/* }}} */
function my_session_start() { /* {{{ */
    if ...
Continue reading