Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Podobny do Hacker Talk
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
))
Compromising Covid-19 systems with Pavol Luptak
Manage episode 334221760 series 3370924
Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Buckle in for a great episode of Hacker Talk! Pavol Luptak, CEO of Nethemba joins us, and
walks us through the vulnerabilities that were found in Slovakia's covid-19 PCR and anti-gen authority.
Tune into the most technical and detailed covid-19 hacking episode, right here on Hacker Talk.
In this episode we cover:
Pavol's journey into it-security
old-school Unix
privilege escalation attacks
Traditional C and Assembly, shellcodes
Becoming a penetration tester
Rfid
Finding vulnerabilities in parking system, parking in Bratislava for free
Hacking Slovakia's covid-19 systems
extracting PCR and anti-gen covid-19 tests for all Slovakian citizens.
Finding vulnerabilities in PCR test authorities.
enumeration attacks.
Slovakian eHranica forms.
Generating birthdate number.
Finding birthdates on Facebook and Wikipedia
Leveraging different parts of the systems to make them work together
Impersonation attacks
OWASP Web Security Testing Guide
Cracking Captcha's
Rate limiting requests
Security mitigations that you can user
Central European Bug Bounty programs
Hacktrophy
Best practices for bug bounties for enterprises
How to get started with penetration testing
The new smart contract security field
Personal number generation script:
#!/bin/bash
for (( year=54; year < 100; year++)));
to
for (( month=1; month < 13; month++)));
to
for (( day=1; day < 32; day++)));
to
for (( suffix=0; suffix < 10000; suffix++))
to
final=$(( $year*100000000+$month*1000000+$day*10000+$suffix ));
if (( final % 11 == 0 )); then printf "%010d\n" $final;
fi
done
done
done
done
External Links:
https://nethemba.com/possibility-of-widespread-leak-and-misuse-of-eu-vaccination-certificates/
https://nethemba.com/kriticka-zranitelnost-v-aplikacii-moje-ezdravie-unik-databazy-pacientov-testovanych-na-covid-19/
https://slides.com/nethemba/how-trivial-critical-vulnerabilities-can-lead-to-a-complete-leak-of-sensitive-covid-19-data-on-all-citizens-of-the-country
https://spectator.sme.sk/c/22722505/serious-flaw-in-ehranica-form-attackers-able-to-send-people-into-self-isolation.html
https://wilderko.medium.com/
https://owasp.org/www-project-web-security-testing-guide/
https://nginx.org/
https://docs.nginx.com/nginx-waf/
https://en.wikipedia.org/wiki/Cloudflare
https://hacktrophy.com/en/
https://nethemba.com/resources/ehranice-critical-vulnerabilities.pdf
19 odcinków
Udostępnij
Manage episode 334221760 series 3370924
Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Buckle in for a great episode of Hacker Talk! Pavol Luptak, CEO of Nethemba joins us, and
walks us through the vulnerabilities that were found in Slovakia's covid-19 PCR and anti-gen authority.
Tune into the most technical and detailed covid-19 hacking episode, right here on Hacker Talk.
In this episode we cover:
Pavol's journey into it-security
old-school Unix
privilege escalation attacks
Traditional C and Assembly, shellcodes
Becoming a penetration tester
Rfid
Finding vulnerabilities in parking system, parking in Bratislava for free
Hacking Slovakia's covid-19 systems
extracting PCR and anti-gen covid-19 tests for all Slovakian citizens.
Finding vulnerabilities in PCR test authorities.
enumeration attacks.
Slovakian eHranica forms.
Generating birthdate number.
Finding birthdates on Facebook and Wikipedia
Leveraging different parts of the systems to make them work together
Impersonation attacks
OWASP Web Security Testing Guide
Cracking Captcha's
Rate limiting requests
Security mitigations that you can user
Central European Bug Bounty programs
Hacktrophy
Best practices for bug bounties for enterprises
How to get started with penetration testing
The new smart contract security field
Personal number generation script:
#!/bin/bash
for (( year=54; year < 100; year++)));
to
for (( month=1; month < 13; month++)));
to
for (( day=1; day < 32; day++)));
to
for (( suffix=0; suffix < 10000; suffix++))
to
final=$(( $year*100000000+$month*1000000+$day*10000+$suffix ));
if (( final % 11 == 0 )); then printf "%010d\n" $final;
fi
done
done
done
done
External Links:
https://nethemba.com/possibility-of-widespread-leak-and-misuse-of-eu-vaccination-certificates/
https://nethemba.com/kriticka-zranitelnost-v-aplikacii-moje-ezdravie-unik-databazy-pacientov-testovanych-na-covid-19/
https://slides.com/nethemba/how-trivial-critical-vulnerabilities-can-lead-to-a-complete-leak-of-sensitive-covid-19-data-on-all-citizens-of-the-country
https://spectator.sme.sk/c/22722505/serious-flaw-in-ehranica-form-attackers-able-to-send-people-into-self-isolation.html
https://wilderko.medium.com/
https://owasp.org/www-project-web-security-testing-guide/
https://nginx.org/
https://docs.nginx.com/nginx-waf/
https://en.wikipedia.org/wiki/Cloudflare
https://hacktrophy.com/en/
https://nethemba.com/resources/ehranice-critical-vulnerabilities.pdf
19 odcinków
Kaikki jaksot
×
Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.
Podobny do Hacker Talk
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
