Skip to main content

Posts

What You Need to Know About the Certified Hardware Hacker (CH2) Certification

As someone who began in embedded engineering and transitioned into cybersecurity, I’ve always been interested in that gray space where hardware meets software. When I came across the Certified Hardware Hacker (CH2) certification from We Hack In Disguise (WHID) , it felt like a solid way to expand my skills into hardware hacking. The course promised a deep dive into embedded and IoT device security with hands-on labs, real-world tooling, and a technical curriculum. Now that I’ve completed the training and passed the certification, here’s my review for those considering it. A Look Inside the Training The CH2 training is built around a self-paced, lab-heavy approach. It blends theory and practice with structured content, walkthroughs, and exercises that you can follow at your own speed. From the start, it was clear this wasn’t just another set of slides and multiple-choice questions. The labs drive the learning process, and that’s where most of the value lies. Topics covered include: Dump...
Read more
Recent posts

Chamilo LMS: CVE-2024-27524 & CVE-2024-27525

CVE-2024-27524:  Stored XSS in tickets Severity:  High  (Base Score  7.1 ) CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H   Mitigation: Upgrade to Chamilo LMS 1.11.28 and above. Patch:  https://github.com/chamilo/chamilo-lms/commit/53275c152275958b33a1f87a21843daa52fb543a CVE-2024-27525:  Self XSS in social network Base Score:  Medium  (Base Score  4.6 ) CVSS Vector:  CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L Mitigation: Upgrade to Chamilo LMS 1.11.28 and above. Patch:  https://github.com/chamilo/chamilo-lms/commit/a63e03ef961e7bf2dab56f4ede6f87edef40ba0c Overview This advisory covers the discovery of two vulnerabilities within Chamilo LMS, an open-source learning management system (LMS) widely used across educational institutions. These vulnerabilities—stored cross-site scripting (Stored XSS) and self-cross-site scripting (Self XSS)—pose different levels of security risks but highlight critical consideration...
Read more

How to Hack a Wi-Fi Network: WPA/WPA2 PSK Attack Methodology

Wi-Fi hacking is often synonymous with WPA/WPA2 PSK attacks, one of the most popular ways hackers attempt to compromise wireless networks. These attacks take advantage of weak pre-shared keys (passwords) by capturing a crucial piece of data known as the 4-way handshake  during the network authentication process. Once captured, this data can be cracked using dictionary or brute-force attacks to reveal the network's password. The attack methodology involves several steps, starting from identifying the target network, capturing traffic, and forcing devices on the network to disconnect (using a deauthentication attack), all the way to cracking the captured handshake with tools like aircrack-ng . By generating custom wordlists with tools like CUPP  and rsmangler , attackers can tailor their brute-force attempts to the specific target. This guide will walk you through the entire process, detailing the tools, techniques, and commands used, while also explaining how to secure your ow...
Read more

How to Prevent SQL Injection Attacks: A Comprehensive Guide

SQL Injection (SQLi) is a dangerous security vulnerability that threatens web applications by allowing attackers to manipulate databases through malicious inputs. It can result in unauthorized access to sensitive information, data corruption, or even complete system compromise. This guide outlines SQL Injection, its mechanisms, real-world cases, and practical steps for preventing such attacks. Table of Contents 1. What is SQL Injection? 2. How SQL Injection Attacks Work 3. Step-by-Step Guide to Preventing SQL Injection 4. SQL Injection Prevention Best Practices 5. Conclusion 1. What is SQL Injection? SQL Injection is a method where attackers exploit a web application by inserting malicious SQL code into an input field, gaining access to a database or executing unintended commands. Web applications that fail to validate and sanitize user inputs are particularly susceptible. When a user enters data, like a username or search term, the application interacts with its database by exec...
Read more

OSWE: The Review That You Should Read

  In the ever-evolving world of cybersecurity, certifications are often seen as milestones that mark one's journey from novice to expert. Among the myriad of certifications available, OffSec Web Expert (OSWE) stands out as one of the most challenging and respected. If you're considering pursuing OSWE, or if you're simply curious about what it entails, this review is for you. What is OSWE? OSWE, or OffSec Web Expert, is an advanced certification offered by OffSec, a renowned organization in the cybersecurity community. The certification is aimed at professionals who want to demonstrate their expertise in conducting white-box penetration testing on web applications. Unlike black-box penetration testing, where the tester has no prior knowledge of the target, white-box testing involves having access to the application's source code, allowing for a more thorough and in-depth analysis. The OSWE certification is not just another feather in your cap; it's a rigorous test of...
Read more