Showing posts tagged #security

Return Home

Today I came across this post that states that it is not possible to get a hard-coded password out of a binary by using the strings command.
But a while back I also remember reading another article saying that it is indeed possible.

So, is it?

I grabbed the code

Read More

The Ruby on Rails framework provides a pretty good built-in filter for SQL injection if you use ActiveRecord methods such as find or find_by.
But that does not mean you can carelessly throw parameters to an ActiveRecord method as the methods that take an SQL fragment are still vulnerable

Read More

Logging Cowrie logs to the ELK stack

dashboard

This entry will cover the basics of setting up the Cowrie SSH honeypot and Filebeat to export Cowrie's logs to Elasticsearch, so we can use Kibana to visualize them in charts.

Goal

We will have 2 servers with private networking between them. One will host the ELK stack and the

Read More