Bitcrack Cyber Security Blog
The official blog of Bitcrack Cyber Security. Keep up to date with our latest research, findings, announcements and more.

Latest

Jul
23

Got Hashes. Need Plains | Hands-on Password Cracking

Our training workshop at BSides Las Vegas 2023 August 8th 15h00 The course outline is shown below. Participant Requirements Please
1 min read
Jun
27

BSides Athens 2023: Defending Appsec​ [Slides]

Defending Appsec 3 After Defending_Appsec 3 After.pdf 3 MB download-circle
Mar
06

Remote Stealth Brute-force of Oracle Database Passwords

During an internal penetration test we discovered an Oracle database of version 11g Release 2 in the client’s network.
8 min read
Dec
26

Robots & Passwords - OpenAI and Password Cracking

With a lot of interest in OpenAI recently, it has become apparent that one can also use the technology for
6 min read
Nov
29

Brocade Fabric OS ≤ v8.0.2c rbash escape to read system files

Broadcom offers a number of products and networking solutions such as switches, extensions etc. These products come with their own
1 min read
Nov
21

BSides Cape Town 2022 CTF

We're sponsoring a Password Hash Cracking Contest For BSides Cape Town 2022! The Flag to Capture? Passwords...lots and lots
1 min read
May
19

Gaining access through error-based SQLi using WebSockets

Introduction In the previous Pwning the portal blog post, we extracted the source code of a corporate login portal through
4 min read
Jan
12

Pwning the portal: from database dump to session hijacking

Introduction I find that doing bug hunting and responsible disclosure is a nice practical way to “learn by doing” for
5 min read
Oct
15

Misusing BeyondTrust Remote Support Leads To Data Exposure

BeyondTrust (former Bomgar) is a security firm, offering access management solutions to a large number of companies, “including half of
4 min read
Sep
08

Hacking WordPress Plugins Part 2 - Open Redirect [CVE-2021-24288]

AcyMailing [https://www.acymailing.com/] is a newsletter subscription WordPress plugin with more than 30.000 total downloads and more
4 min read