Первый http сервер на С++, заметки для новичков

Решил написать простенькую статейку по следам реализации небольшой программки на С++ под Виндоус, которая содержит в себе TCP сервер. Мы получаем от клиента http запрос. Соединение не защищенное. На чем реализован клиент нам неизвестно: может на php (curl,socket,stream_contex_create,...), может на js (ajax), вообще может быть на чем угодно. Надо задача реализовать http парсинг запроса и контента, выполнить задание (на каком-то подключенном к серверу оборудовании) и ответить клиенту о результате. Примечание: автор реализует http сервер на устаревшем Qt4, используем QTcpServer. Но для http сервера это не принципиально.

https://habr.com/ru/articles/910222/

#ContentType #urlencode #json #base64 #hex

Атрибуты Хорошего Loader-a

В программировании микроконтроллеров периодически приходится писать клиентские PC программы для загрузки *.hex файлов в микроконтроллер через загрузчик. Обычно в названии этих утилит присутствует слово loader . В этом тексте я попробовал порассуждать на тему того, каким же атрибутами должна обладать эта самая утилита FW_Loader .

https://habr.com/ru/articles/819809/

#FW_Loader #loader #PC #hex #bin #console_application #CP2102 #base64 #cli #bootloader

Today I learned that good-old #base64 encoding is ambiguous: There is #RFC 2045 (padding is mandatory) vs RFC 4568 (padding is optional). g_base64_decode follows RFC 2045 and by that might loose 1 or 2 chars at the end. WTF. #linux #coding

Ontdek in #nieuwsbrief362 van #cybercrimeinfo hoe #lummastealer met #base64 en #urlverkorting beveiliging omzeilt, waarom #cbs laat zien dat #16procent van de #nederlanders slachtoffer is van #onlineoplichting, hoe #incransom 6 TB data buitmaakte bij #aholddelhaize, de nieuwste #phishing op #crypto via het #darkweb én een #babbeltruc in #rotterdam met praktische tips om jezelf te beschermen: https://www.ccinfo.nl/menu-nieuws-trends/nieuwsbrief-archief/nieuwsbrief-berichten/2463127_nieuwsbrief-362-cybercrimeinfo-ccinfo-nl

#Base64 is not #encryption

After spending days on this, I finally found this site which gives a simple and concise method of encoding/decoding Unicode strings in #JavaScript to and from #base64
https://base64.guru/developers/javascript/examples/unicode-strings

New #threat: the evolving #Lummastealer evades detection using #base64 and #iplogger, abusing legitimate services for #malware distribution. Time to step up your #cyberresilience. 👉 https://www-ccinfo-nl.translate.goog/menu-onderwijs-ontwikkeling/cybercrime/2450543_nieuwe-dreigingen-cyberaanvallen-in-evolutie?_x_tr_sl=nl&_x_tr_tl=en&_x_tr_hl=nl&_x_tr_pto=wapp

Base64 encoding/decoding cheatsheet on linux, windows and mac
https://www.glukhov.org/post/2025/04/base64/
#cheatsheet #bash #base64 #linux #windows #mac #devops

how #based are you 🤔
#Base64 🤣 #lol #brainfart

El pasado 13 de Marzo de 2025, un concursante del challenge ESC01 resolvió el primer desafío criptográfico de la historia de este blog. En este articulo desvelo todos los secretos de este challenge.

https://www.lateclaescape.com/post/2025/challenge-esc01-solved/

#esc01 #LaTeclaESC #CTF #base64 #ascii

Let's try: `55!AAA_BBB!0123` -> `NTUhQUFBX0JCQiEwMTIz`.

- `SMEE_BJB@01123`
- `MeetAI_JBE0112`
- `UAE_BE.0112`
- `FLAG_BJk=0112`

Not QUITE as solid, but there is still a general vibe going on: mostly letters, ending in numbers, usually two symbols.

This probably isn't as interesting as I think it is -- it knows it's Base64, it's pattern matching against other Base64 content, and it's not like you couldn't just run it through a decoder yourself...

#llm #gemma3 #base64

Shockingly close. 😨 Like, abstractly it's close, at least. Three words. A number. Sluts.

#llm #base64 #gemma3

🚨 Updated #Tycoon tactics: new PDF lures and redirects.

Today, we have a guest post from WatchingRac (@RacWatchin8872 on X)
The attack is executed through a PDF sent by the threat actor, tricking the victim into believing they have violated a Company Device Policy. To review the alleged evidence, the victim is prompted to click a button within the PDF, triggering multiple redirects that lead to a fake Outlook website.

🔗 #Phishing chain:
PDF ➡️ Phish link ➡️ /.res444.php/ ➡️ Phishing Outlook website

Victims receive a phishing PDF containing a link to check a violation of the Company Device Policy. By opening it, the victim is directed to /.res444.php/, which loads a script.

👾 After loading the script, the victim is redirected to the phishing page.

❗️ The use of a PHP file containing #JavaScript code to redirect victims to the phishing page was already known within the community. To bypass potential rules designed to alert analysts of such attacks, Tycoon modified the script.

🔙 The previous file, named res444.php, contained JS code that decoded a #Base64 string, split it into parts, and used each segment for AES decryption, ultimately redirecting the victim to the Outlook phishing domain.

🔜 The new file, named .res444.php, contains simple and straightforward #JS code that automatically redirects the victim to the Outlook phishing domain. If the current URL includes a hash (#), it appends a random uppercase letter (A-Z) before redirecting; otherwise, the redirection occurs without modifications.

📌 The value of the phishing domain is always in the URL in hexadecimal form.

The phishing page displays different content based on the operating system. If the User-Agent contains "Linux," it presents a fake gym website. However, if it contains "Windows," it loads the Outlook phishing page.

👨‍💻 Take a look at the analysis in #ANYRUN Interactive Sandbox: https://app.any.run/tasks/c37665dd-c315-429b-a452-797f551bbd16/?utm_source=mastodon&utm_medium=post&utm_campaign=updated_tycoon&utm_term=270225&utm_content=linktoservice

References:
🔹https://x.com/orlof_v/status/1892944298452165104
🔹https://validin.com/blog/tycoon_2fa_analyzing_and_hunting_phishing-as-a-service_domains/

Analyze and investigate the latest #malware and phishing threats with #ANYRUN 🚀

#cybersecurity #infosec

Using #Base64 encoded urls for my avatar and banner on #Chirp and #Nostr feels super wrong, but also right at the same time!!

I love #Base64 encoding, like I can pretty much turn any file into a string of characters!

when some secret ends in = so it's obviously something in base64, but the decode turns out to be a string of ASCII hex digits that is both shorter and uses a smaller character space than the base64 encoded form

#base64

🚨 #SMiShing phishkit targets victims in the US with fake parking payments (1/2 🧵)
⚠️ Media reports have highlighted widespread cases of parking payment fraud across the US, Canada, the UK, and other countries. #Phishing threats targeting smartphones are among the most dangerous scams in today's threat landscape.

By leveraging checks for distinctive features of mobile browsers, this type of phishing may not even work in desktop environments.

We’ve analyzed how this #phishkit, which we named BlockKnock, operates using the ANYRUN Interactive Sandbox.

📌 Setting the external IP to the United States and adjusting the browser to match the screen resolution of an iPhone 14 Pro Max successfully bypassed the checks, revealing the phishing page content. Use ANYRUN’s interactive environment for targeted investigations: enable residential proxies and use browser dev tools for in-depth analysis.

Take a look at the analysis: https://app.any.run/tasks/951d75e9-4d90-40f5-90cd-bf24dc5b6a69/?utm_source=mastodon&utm_medium=post&utm_campaign=parking_smishing&utm_content=linktoservice&utm_term=030225

The phishing page engine communicates with the #C2 server via the WebSocket protocol using the following fields:
⤴️ Client request
action: Client message type
uuid: Current session identifier
data: Client-side JSON request encrypted using AES-CBC and encoded in #Base64
siteCode: Phishing page type

⤵️ Server response
type: Server message type
data: Server-side JSON response encrypted using AES-CBC and encoded in Base64

AES key: bda1ba0338a0de9203b8f80fe81d9fd4

#cybersecurity #infosec

Mal eine Frage zu #crypt, #SHA512 und #base64 :

Ich habe aus einem Excel-VBA-Dokument einen base64 kodierten Passworthash samt Salt und Rundenzahl. ...

#John #JtR mag den aber leider nicht erkennen, weil er von Excel mit dem "normalen" base64 codiert wurde (zwei "==" am Ende) und die falsche Länge hätte.
Crypt verwendet aber offenbar eine "spezielle Variante" von base64. 🤔

KEnn jemand einen Weg, diesen standard-base64-hash in einen crypt-base64-hash umzuwandeln?

Detect #base64 string in #JS

[Перевод] DeepSeek AI: От инъекции промпта до захвата аккаунта

Около двух недель назад китайская лаборатория DeepSeek представила свою новую AI модель DeepSeek-R1-Lite, которая специализируется на логических рассуждениях. Конечно, у всего AI-сообщества быстро загорелся огонь в глазах от заявленных возможностей модели. И я один из них. Как обычно: раз новая модель - значит новые идеи и тесты...

https://habr.com/ru/companies/bothub/articles/863032/

#xss #веббезопасность #инъекция_промпта #llm #ai #эксплойт #base64 #пентестинг #ии #машинное+обучение