Forwarded from Remedy
Continuing with our Glider Q&A Series, this week's question is: How does Glider work?
Each Glide defines a specific set of instructions that the query engine must execute. These instructions specify what Solidity code Glider should look for.
Once a Glide is written, a Glide developer can then submit the query to Glider. Glider first validates that the query syntax is correct. If the syntax is correct, Glider then processes the query instructions and scans the entire Glider database for any Solidity code that matches the query’s specifications.
Once finished, Glider returns the Solidity code results back to the researcher/developer to review in a readable format.
Don't forget to join our Discord for more Glider Resources
Wishing you all a nice weekend 🫡☀
Please open Telegram to view this post
VIEW IN TELEGRAM
🙏6
🧪
🔗 https://chatgpt.com/share/20595387-9115-440e-ba13-215b2f0e9d69
unit & integration Testing — What, Why, How — Using Foundry Toolkit🔗 https://chatgpt.com/share/20595387-9115-440e-ba13-215b2f0e9d69
Chatgpt
A conversational AI system that listens, learns, and challenges
👌6
1️⃣7️⃣ #ETHERNAUT #level_17 #Recovery
- First Must Check The Contract at https://sepolia.etherscan.com (HERE)
- Then Check the transaction which contract deployed at it (HERE)
- then you will See Some Ether transfered between some contracts. the second contract which received the ether is the our target (HERE)
- we must be sure that the contract is the right contract so we can use some functions such as
- then we must call
🥷🍷 <Happy Hacking/>
- First Must Check The Contract at https://sepolia.etherscan.com (HERE)
- Then Check the transaction which contract deployed at it (HERE)
- then you will See Some Ether transfered between some contracts. the second contract which received the ether is the our target (HERE)
- we must be sure that the contract is the right contract so we can use some functions such as
name(), balances(),.... but i called transfer() (HERE) {Before i transfered 0.1 ether to the contract}- then we must call
destroy() function (HERE)🥷🍷 <Happy Hacking/>
Ethereum (ETH) Blockchain Explorer
Contract Address 0x2bb557e589235076d5f90cb181c29eecd8fd76b7 | Etherscan
The Contract Address 0x2bb557e589235076d5f90cb181c29eecd8fd76b7 page allows users to view the source code, transactions, balances, and analytics for the contract address. Users can also interact and make transactions to the contract directly on Etherscan.
🔥11⚡1
👓 Recording all the emitted events - Explained The Foundry Book's Example
⚠️
🔗 https://book.getfoundry.sh/cheatcodes/record-logs
⚠️
import {Vm} from "lib/forge-std/src/Vm.sol";🔗 https://book.getfoundry.sh/cheatcodes/record-logs
👾8⚡5🔥1
Forwarded from GO-TO CVE
CVE-2023-46943-week-18.pdf
1.1 MB
بررسی آسیبپذیری CVE-2023-46943 👨💻
سلام به همه دوستان عزیز! 🌟
خوش آمدید به برنامه هفته 18 از تحلیل آسیبپذیریهای hashtag#GOTOCVE. این هفته به بررسی آسیبپذیری مهم CVE-2019-15107 پرداختهایم که مربوط به webmin و آسیب پذیری RCE روی این پلتفروم کنترول سرویس وب است برای برسی بیشتر با ما همراه باشید.
👾 Week: 18
🔍 CVE: CVE-2019-15107
📊 Type: RCE
🛠 CMS: Webmin
در این برنامه، به جزئیات آسیبپذیری، روشهای اکسپلویت و تکنیکهای پیشگیری از آن خواهیم پرداخت ایم.
رای پیوستن به کانال تلگرام ما و دریافت آخرین اخبار و بهروزرسانیها، از لینک زیر استفاده کنید:
🔗 پیوستن به کانال تلگرام
https://news.1rj.ru/str/GOTOCVE💫
مقالات ما را نیز میتوانید در وبسایت زیر دنبال کنید:
🔗 مطالعه مقالات
https://lnkd.in/dFFCY5Kn
نویسندگان:
• Maha
• Mostpow3rful
• Parsa Momeni
• Fazel Mohammad Ali Pour
• Reza Olfat
• Ali Soltani
سلام به همه دوستان عزیز! 🌟
خوش آمدید به برنامه هفته 18 از تحلیل آسیبپذیریهای hashtag#GOTOCVE. این هفته به بررسی آسیبپذیری مهم CVE-2019-15107 پرداختهایم که مربوط به webmin و آسیب پذیری RCE روی این پلتفروم کنترول سرویس وب است برای برسی بیشتر با ما همراه باشید.
👾 Week: 18
🔍 CVE: CVE-2019-15107
📊 Type: RCE
🛠 CMS: Webmin
در این برنامه، به جزئیات آسیبپذیری، روشهای اکسپلویت و تکنیکهای پیشگیری از آن خواهیم پرداخت ایم.
رای پیوستن به کانال تلگرام ما و دریافت آخرین اخبار و بهروزرسانیها، از لینک زیر استفاده کنید:
🔗 پیوستن به کانال تلگرام
https://news.1rj.ru/str/GOTOCVE💫
مقالات ما را نیز میتوانید در وبسایت زیر دنبال کنید:
🔗 مطالعه مقالات
https://lnkd.in/dFFCY5Kn
نویسندگان:
• Maha
• Mostpow3rful
• Parsa Momeni
• Fazel Mohammad Ali Pour
• Reza Olfat
• Ali Soltani
⚡7🔥3
KS note
💻 Use Foundry Better 🔗 https://github.com/Cyfrin/foundry-full-course-cu/discussions/1882
GitHub
Use Foundry better [2] · Cyfrin/foundry-full-course-cu · Discussion #2285
GM @PatrickAlphaC at Foundry101 Course, Section 2, EP 14 (Foundry tests cheatcodes), you created 2 new view functions to get some value and use the function in the test files : it's OK and good...
🍾8🔥4👌2
⚙️ There are many Article/Resource/Github Repo About "EVM", "Storage" & etc. but, this is a good one to start
🔗 Understanding Ethereum Smart Contract Storage
🔗 Understanding Ethereum Smart Contract Storage
Programtheblockchain
Understanding Ethereum Smart Contract Storage
Ethereum smart contracts use an uncommon storage model that often confuses new developers. In this post, I’ll describe that storage model and explain how the Solidity programming language makes use of it.
🙏4👏1👌1
🍾 Finally! pwned "Locked and Loaded" Blockchain Challenge At HTB & Solved All the blockchain challenges (Non-VIP)
🔗 X
🔗 Linkedin
🔗 X
🍾9❤🔥2⚡1
Forwarded from Ali Soltani
🔐 Join the GO-TO CVE Channel! 🔐
Every week, we take a deep dive into the latest CVE vulnerabilities, explaining how they work and how to protect against them. We also share custom exploits and pentesting techniques to help you understand the vulnerabilities better. Additionally, we cover SOC (Security Operations Center) strategies and provide insights on malware analysis regularly. Stay informed, stay secure! 🚨
👉 If you’re passionate about cybersecurity or just want to stay ahead of the latest threats, this is the place for you. Let’s build a safer tomorrow together!
Join us now and be part of the conversation:
🔗 https://news.1rj.ru/str/GOTOCVE
Every week, we take a deep dive into the latest CVE vulnerabilities, explaining how they work and how to protect against them. We also share custom exploits and pentesting techniques to help you understand the vulnerabilities better. Additionally, we cover SOC (Security Operations Center) strategies and provide insights on malware analysis regularly. Stay informed, stay secure! 🚨
👉 If you’re passionate about cybersecurity or just want to stay ahead of the latest threats, this is the place for you. Let’s build a safer tomorrow together!
Join us now and be part of the conversation:
🔗 https://news.1rj.ru/str/GOTOCVE
Telegram
GO-TO CVE
Hello and welcome to the channel! Every week, we dive deep into a new CVE and share our analysis here. I’d love for you to follow us on social media.
Join our chat on Telegram via the link below: https://news.1rj.ru/str/gotocvechat
Secured by = 🧿
Join our chat on Telegram via the link below: https://news.1rj.ru/str/gotocvechat
Secured by = 🧿
🔥4🙏1
☘️ Good video for a person who is realllllly 0️⃣ in Security. Jesper will talk about delegatecall, storage slots, introduce some CTFs & etc.
🔗 https://www.youtube.com/watch?v=BfzLR1Sscb4
🔗 https://www.youtube.com/watch?v=BfzLR1Sscb4
YouTube
How I Hacked a Live Smart Contract & How to Get Started in White Hat Hacking
I Hacked a Live Contract! 😬
In this video, I show you step by step how I hacked a live smart contract posted as a challenge by Rareskills.io (https://www.rareskills.io/). I show how delegatecall can be exploited if not guarded correctly by the contract.…
In this video, I show you step by step how I hacked a live smart contract posted as a challenge by Rareskills.io (https://www.rareskills.io/). I show how delegatecall can be exploited if not guarded correctly by the contract.…
🆒3😈2
1️⃣5️⃣ #ETHERNAUT #level_15 #Naught_Coin
before call the exploit function, don't forgot to call
🥷🍷 <Happy Hacking/>
before call the exploit function, don't forgot to call
approve() :cast send $TARGET_CONTRACT_ADDRESS "approve(address,uint256)" EXPLOIT_CONTRACT_ADDRESS 1000000000000000000000000 --private-key $PRIVATE_KEY --rpc-url $SEPOLIA_RPC_URL
🥷🍷 <Happy Hacking/>
😈12🔥1👌1
🔥14🏆3🐳2⚡1👾1