pierre

  1. pierre

    42.zip bomb

    Haha, it will crash my computer for sure if I do an extract! Furthermore, I might understand that there are 16 layers of zip files, each one containing zip files and so on.. But I still don't know how they manage to only have a 42 Kb zip file, whereas I have a nearly 1 Mb zip file that only contains 1 Gb.....
  2. pierre

    42.zip bomb

    $ zipinfo 42.zip
    Archive: 42.zip
    Zip file size: 42838 bytes, number of entries: 16
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 0.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 1.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 2.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 3.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 4.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 5.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 6.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 7.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 8.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib 9.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib a.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib b.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib c.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib d.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib e.zip
    -rw-a-- 6.3 fat 34902 Bx u099 00-Mar-28 21:40 lib f.zip
    16 files, 558432 bytes uncompressed, 40192 bytes compressed: 92.8%

    I don't think I can go deeper without any extraction..
  3. pierre

    42.zip bomb

    Hello, I was trying to make a 42.zip bomb, which is: "A file that is only 42,374 bytes (42KB). When unzipped it becomes 4,503,599,626,321,920 bytes (4.5 Peta Bytes)!!!" I can only achieve a 1Mb zip file that contains an almost 1Gb txt file:

    $ zip bomb.zip bomb_1G.txt
    adding: bomb_1G.txt (deflated 100%)
    $ du -h bomb.zip
    948K bomb.zip
    $ zipinfo bomb.zip
    Archive: bomb.zip
    Zip file size: 970656 bytes, number of entries: 1
    -rw-r--r-- 3.0 unx 1000000000 tx defN 18-Jun-21 06:12 bomb_1G.txt
    1 file, 1000000000 bytes uncompressed, 970484 bytes compressed: 99.9%

    Do you know how I could achieve a better "bomb" with less space? Regards
  4. Yes it is... Also, I have the free version and each time I restart Burp the extension has been removed and I have to install it again... Have you got a solution for keeping the extension in Burp Suite even after a restart? I would have created a Burp project but I can't with the free version... EDIT: I think I have to run Burp Suite as root to install an extension because the installation is at /usr/bin, which requires admin privileges to write anything.
  5. Hello, I am trying to install the extension "wsdler" for exploiting web services. (https://portswigger.net/bappstore/594a49bb233748f2bc80a9eb18a2e08f) But during the installation in Burp, I got an error: And the details: Have you got any clue how to resolve this issue? I don't think it is a space allocation problem because the extension doesn't exceed 1 MB.. And I really don't know how to deal with a permission problem! Thanks EDIT: solved, I just need to launch Burp with "root" rights
  6. Hello, I would like to block ping sweeps, which permit determining whether a host is up or not by sending a TCP SYN packet. But if the host has a webserver supposed to be reachable, how can I block the TCP SYN packet? Regards,
  7. Ah ok, I thought it was related to some "Microsoft CVE nomenclature". Indeed, "Microsoft Security Bulletin". Thanks :)
  8. Ok, so for the point above: the security update that patches the vulnerability MS16-047 is ID 3149090, and it also patches the vuln MS16-007 (which was originally patched with the security update 3121918). -> So it is recommended to apply the security update 3149090 to patch both MS16-047 & MS16-007. Is that so?
  9. Yes, but I did not understand "in any chain of superseded updates". So it can be translated as: "The security update ID for patching the ms16-047 vulnerability"
  10. Hello, I was working on Windows vulnerabilities. Looking at a security bulletin, I did not understand a column. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-047 See: What does "Updates replaced" mean, and specifically the huge number "3121918"? (related to the vulnerability name) Thanks
  11. But the SSL session ID doesn't change between the two requests (even if I know you are talking about the TCP session ID): I even get a warning message because the same session keys seem to be re-used! But a new handshake is occurring, so why are the same session ID and key (symmetric primary key?) generated again to cipher the exchange?
  12. Hello, I am working on the HTTPS protocol. I made two requests with my web browser: 1- request the login page 2- send my credentials to the server. I was inspecting my network mark, and I discovered that the HTTPS handshake is made each time the client (web browser) makes a web request. As you can see: Is it normal behaviour? Isn't making a new secret primary key each time too weighty? I thought only one primary key was created at the outcome of the handshake and then used each time a new web request was made. Feel free to explain it to me :) Thanks
  13. Ok we agree for determining a single word, login or password. But now the number of possibilities for the combination of credentials login:password, that are between 6 and 8 characters long, is: P = [(62 ^ 6) + (62 ^ 6) + (62 ^ 8)] x 2 ?
  14. Hello, I have a doubt about a math calculation regarding a bruteforce operation. If I have to look for credentials (login+password) between 6 and 8 characters long, mixing lowercase/uppercase/numeric, the right number of possibilities is: P = [(26+26+10)^6 + (26+26+10)^7 + (26+26+10)^8] * 2 ? Thanks :)
  15. Ok I should inspect the server side to know why my injection works.
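
For the nested 42.zip listing in the posts above, an added example (not part of the forum posts) of how a defender can inspect an archive's layers in memory under hard limits instead of extracting it to disk. The limits, function names and the small sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_DEPTH = 4            # assumed policy: how many nested layers to open
MAX_MEMBER = 1 << 20     # assumed policy: never inflate more than 1 MiB per member
MAX_RATIO = 100          # assumed policy: flag members above 100:1


def build_sample():
    """Constructed input: a small archive nested inside another."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("zeros.bin", b"\0" * 200_000)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("layer.zip", inner.getvalue())
        z.writestr("readme.txt", "hello")
    return outer.getvalue()


def read_capped(zf, info, cap):
    """Inflate at most cap bytes of a member; None if it is larger."""
    with zf.open(info) as fh:
        data = fh.read(cap + 1)
    return None if len(data) > cap else data


def inspect(blob, depth=0, path=""):
    """Walk central directories in memory and return a list of findings."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            name = path + info.filename
            # Declared sizes come from the central directory, no inflation needed.
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio > MAX_RATIO:
                findings.append((name, "ratio", round(ratio)))
            if not info.filename.lower().endswith(".zip"):
                continue
            if depth + 1 >= MAX_DEPTH:
                findings.append((name, "too-deep", depth + 1))
                continue
            nested = read_capped(zf, info, MAX_MEMBER)
            if nested is None:
                findings.append((name, "oversized", info.file_size))
            elif zipfile.is_zipfile(io.BytesIO(nested)):
                findings.append((name, "nested-archive", depth + 1))
                findings += inspect(nested, depth + 1, name + "/")
    return findings
```

Declared sizes in the central directory can be forged, which is why nested members are read through `read_capped` rather than trusted and fully inflated.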