Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Contenu fourni par Firo Solutions LTD. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Firo Solutions LTD ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Similaire à Hacker Talk
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
We help founders make something people want.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Daily update on current cyber security threats
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Welcome to Hands-On Tech, where host Mikah Sargent turns tech troubles into tech triumphs. Each episode zooms in on a specific theme, unpacking listener questions with expert analysis and easy-to-follow advice. From decoding the latest gadgets to simplifying everyday tech, Mikah's got you covered. Submit your tech queries through email at HOT@twit.tv or via TWiT's social media. You might hear your question answered on air! And keep an ear out for guest experts who drop by to share their spec ...
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
))
Compromising Covid-19 systems with Pavol Luptak
Manage episode 334221760 series 3370924
Contenu fourni par Firo Solutions LTD. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Firo Solutions LTD ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Buckle in for a great episode of Hacker Talk! Pavol Luptak, CEO of Nethemba joins us, and
walks us through the vulnerabilities that were found in Slovakia's covid-19 PCR and anti-gen authority.
Tune into the most technical and detailed covid-19 hacking episode, right here on Hacker Talk.
In this episode we cover:
Pavol's journey into it-security
old-school Unix
privilege escalation attacks
Traditional C and Assembly, shellcodes
Becoming a penetration tester
Rfid
Finding vulnerabilities in parking system, parking in Bratislava for free
Hacking Slovakia's covid-19 systems
extracting PCR and anti-gen covid-19 tests for all Slovakian citizens.
Finding vulnerabilities in PCR test authorities.
enumeration attacks.
Slovakian eHranica forms.
Generating birthdate number.
Finding birthdates on Facebook and Wikipedia
Leveraging different parts of the systems to make them work together
Impersonation attacks
OWASP Web Security Testing Guide
Cracking Captcha's
Rate limiting requests
Security mitigations that you can user
Central European Bug Bounty programs
Hacktrophy
Best practices for bug bounties for enterprises
How to get started with penetration testing
The new smart contract security field
Personal number generation script:
#!/bin/bash
for (( year=54; year < 100; year++)));
to
for (( month=1; month < 13; month++)));
to
for (( day=1; day < 32; day++)));
to
for (( suffix=0; suffix < 10000; suffix++))
to
final=$(( $year*100000000+$month*1000000+$day*10000+$suffix ));
if (( final % 11 == 0 )); then printf "%010d\n" $final;
fi
done
done
done
done
External Links:
https://nethemba.com/possibility-of-widespread-leak-and-misuse-of-eu-vaccination-certificates/
https://nethemba.com/kriticka-zranitelnost-v-aplikacii-moje-ezdravie-unik-databazy-pacientov-testovanych-na-covid-19/
https://slides.com/nethemba/how-trivial-critical-vulnerabilities-can-lead-to-a-complete-leak-of-sensitive-covid-19-data-on-all-citizens-of-the-country
https://spectator.sme.sk/c/22722505/serious-flaw-in-ehranica-form-attackers-able-to-send-people-into-self-isolation.html
https://wilderko.medium.com/
https://owasp.org/www-project-web-security-testing-guide/
https://nginx.org/
https://docs.nginx.com/nginx-waf/
https://en.wikipedia.org/wiki/Cloudflare
https://hacktrophy.com/en/
https://nethemba.com/resources/ehranice-critical-vulnerabilities.pdf
20 episodes
Partager
Manage episode 334221760 series 3370924
Contenu fourni par Firo Solutions LTD. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Firo Solutions LTD ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Buckle in for a great episode of Hacker Talk! Pavol Luptak, CEO of Nethemba joins us, and
walks us through the vulnerabilities that were found in Slovakia's covid-19 PCR and anti-gen authority.
Tune into the most technical and detailed covid-19 hacking episode, right here on Hacker Talk.
In this episode we cover:
Pavol's journey into it-security
old-school Unix
privilege escalation attacks
Traditional C and Assembly, shellcodes
Becoming a penetration tester
Rfid
Finding vulnerabilities in parking system, parking in Bratislava for free
Hacking Slovakia's covid-19 systems
extracting PCR and anti-gen covid-19 tests for all Slovakian citizens.
Finding vulnerabilities in PCR test authorities.
enumeration attacks.
Slovakian eHranica forms.
Generating birthdate number.
Finding birthdates on Facebook and Wikipedia
Leveraging different parts of the systems to make them work together
Impersonation attacks
OWASP Web Security Testing Guide
Cracking Captcha's
Rate limiting requests
Security mitigations that you can user
Central European Bug Bounty programs
Hacktrophy
Best practices for bug bounties for enterprises
How to get started with penetration testing
The new smart contract security field
Personal number generation script:
#!/bin/bash
for (( year=54; year < 100; year++)));
to
for (( month=1; month < 13; month++)));
to
for (( day=1; day < 32; day++)));
to
for (( suffix=0; suffix < 10000; suffix++))
to
final=$(( $year*100000000+$month*1000000+$day*10000+$suffix ));
if (( final % 11 == 0 )); then printf "%010d\n" $final;
fi
done
done
done
done
External Links:
https://nethemba.com/possibility-of-widespread-leak-and-misuse-of-eu-vaccination-certificates/
https://nethemba.com/kriticka-zranitelnost-v-aplikacii-moje-ezdravie-unik-databazy-pacientov-testovanych-na-covid-19/
https://slides.com/nethemba/how-trivial-critical-vulnerabilities-can-lead-to-a-complete-leak-of-sensitive-covid-19-data-on-all-citizens-of-the-country
https://spectator.sme.sk/c/22722505/serious-flaw-in-ehranica-form-attackers-able-to-send-people-into-self-isolation.html
https://wilderko.medium.com/
https://owasp.org/www-project-web-security-testing-guide/
https://nginx.org/
https://docs.nginx.com/nginx-waf/
https://en.wikipedia.org/wiki/Cloudflare
https://hacktrophy.com/en/
https://nethemba.com/resources/ehranice-critical-vulnerabilities.pdf
20 episodes
Tous les épisodes
×
Bienvenue sur Lecteur FM!
Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.
Similaire à Hacker Talk
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
We help founders make something people want.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Daily update on current cyber security threats
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Welcome to Hands-On Tech, where host Mikah Sargent turns tech troubles into tech triumphs. Each episode zooms in on a specific theme, unpacking listener questions with expert analysis and easy-to-follow advice. From decoding the latest gadgets to simplifying everyday tech, Mikah's got you covered. Submit your tech queries through email at HOT@twit.tv or via TWiT's social media. You might hear your question answered on air! And keep an ear out for guest experts who drop by to share their spec ...
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
