codehead.co.uk Report : Visit Site

Technical data of the codehead.co.uk

Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host codehead.co.uk. Currently, hosted in United Kingdom and its service provider is Xilo Communications Ltd. .

the related websites

lairdtech.com classtools.net home.kpmg.com technologystudent.com stroma.com cnbc.com airtechenvironmental.co.uk bearingtech.co.uk proactiveinvestors.co.uk musicradar.com 

HTTP Header Analysis

HTTP Header information is a part of HTTP protocol that a user's browser sends to called containing the details of what the browser wants and will accept back from the web server.

DNS

HtmlToText

navigation home projects categories tags random ramblings on hacking, coding, fighting with infrastructure and general tech evlzctf 2018 - typical - crypto - 75 posted: 19 feb 2018 by codehead 3 minute read problem easy and peasy nc 35.200.197.38 8003 europe: nc 35.205.196.143 8003 like many of the evlzctf challenges, this one was a little light on detail, but fun to complete. read more… categories: hacking ctf tagged as: #ctf #evlzctf #crypto #xor #python acebear ctf 2018 - url parameter - web - 100 posted: 28 jan 2018 by codehead 2 minute read problem description: this chall sucks, you should watch vie vs uzb match. :) viet nam vo dich! author: kad96 website: link visiting the website gave me a blank page. there had to be something more hidden here. read more… categories: hacking ctf tagged as: #ctf #acebear #php #command injection #web exploit breakin ctf 2018 - aalekh and his business - web - 500 posted: 23 jan 2018 by codehead 2 minute read challenge aalekh joined iiit in 2014. soon, he started selling t-shirts and hoodies. one day, aalekh got a big order and trusted his childhood friend to handle the order. but his friend betrayed him and sold bad pieces. college students got angry and tried to beat aalekh up. his good friend, anshul, wanted to save him. to prevent aalekh from going under loss, he has to sell 500 t-shirts on the market, the only condition being, customers have to be unique. can you help anshul sell 500 t-shirts? https://felicity.iiit.ac.in/contest/breakin/questions/uuid/ flag format: breakin{[0-9a-za-z_]+} read more… categories: hacking ctf tagged as: #ctf #breakin #web exploit #curl #python gdb command files posted: 13 jan 2018 by codehead 5 minute read tl:dr command files allow you to start up gdb in a way that saves you typing the same commands over and over, even doing some of the ‘driving’ for you. i’m not suggesting that this is the best way to use gdb but i found it really helpful and i saved a bunch of time. i’m blogging it for my own reference and to help others find a lesser known, but very useful feature of the tool. background while working on the slae64 course assessments, i found myself jumping in and out of gdb a lot. constantly rebuilding and refining my shellcode test binaries meant that i ended up in constant cycle of doing a whole heap of setup in gdb to get things the way i wanted them, only to spend a few seconds debugging the target, then quitting, tweaking the code, rebuilding and repeating the whole process again. i’m not a great typist, but i keyed in this sequence so many times that i could probably do it in my sleep: layout asm layout reg break _start run there has to be a better way. read more… categories: linux assembler hacking tagged as: #analysis #reverse-engineering #gdb security tube slae64 course - assessment 7 - payload encryption posted: 28 nov 2017 by codehead 12 minute read after completing the video lectures of the security tube linux 64 bit assembler expert course (slae64) , a series of assessments must be completed to gain certification. this is the seventh and final assignment; build a payload encrypter/decrypter. we have used payload encoders in previous assignments, but this time we will build a hidden payload that requires a key to decrypt. the choice of encryption method is left to the student and i spent a good while looking at the various encryption methods: aes - a modern and widely used block cipher scheme. very complex to implement and would probably require a 3rd party library, making the assignment pretty pointless. rc4 - a fast and relatively easy to implement stream cipher . unfortunately, vivek used rc4 in his demo, i didn’t want to repeat his work. fish , scream , mugi , etc - complex, limited implementation documentation (my maths isn’t up to scratch). while researching these schemes i stumbled onto some of the more classical cryptography schemes. while modern crypto schemes produce streams or blocks of pseudo-random noise which is generally xored against the cleartext, classical ciphers tended to use relocation or shifting of characters. simple rotational schemes such as caesar’s cipher or rot13 barely qualify as encryption, the encoding operation is either fixed or easily brute forced. however, a substitution cipher requires a mapping table and this can be varied, forming a kind of key, although a large and cumbersome one. the vigenère cipher is a hybrid of substitution and rotation using a table built on an ascending rotation factor. however, it also makes use of a variable length key and so it is suitable for our needs. read more… categories: slae64 assembler shellcode linux python c tagged as: #shellcode #assembler #linux #x64 security tube slae64 course - assessment 6 - polymorphic payloads posted: 24 nov 2017 by codehead 11 minute read after completing the video lectures of the security tube linux 64 bit assembler expert course (slae64) , a series of assessments must be completed to gain certification. this is the sixth assignment; take three x64 payloads from shellstorm and create new, polymorphic versions which have the same functionality. while this sounds super cool, what we’re actually doing is simply changing the content of the shellcode to try to evade detection by basic security tools that use signature based matching to recognise threats. a limitation of the assignment is to stay within 150% of the original payload size. read more… categories: slae64 assembler shellcode linux tagged as: #shellcode #assembler #linux #x64 security tube slae64 course - assessment 5 - metasploit payload analysis posted: 22 nov 2017 by codehead 18 minute read after completing the video lectures of the security tube linux 64 bit assembler expert course (slae64) , a series of assessments must be completed to gain certification. this is the fifth assignment; analyse 3 payloads generated by the metasploit msfvenom tool. msfvenom is a replacement for msfpayload and msfencode tools. it combines their functionality into a single application. the available payloads specifically for x64 linux are quite limited: root@kali:~# msfvenom -l | grep linux/x64 linux/x64/exec execute an arbitrary command linux/x64/meterpreter/bind_tcp inject the mettle server payload (staged). listen for a connection linux/x64/meterpreter/reverse_tcp inject the mettle server payload (staged). connect back to the attacker linux/x64/meterpreter_reverse_http run the meterpreter / mettle server payload (stageless) linux/x64/meterpreter_reverse_https run the meterpreter / mettle server payload (stageless) linux/x64/meterpreter_reverse_tcp run the meterpreter / mettle server payload (stageless) linux/x64/shell/bind_tcp spawn a command shell (staged). listen for a connection linux/x64/shell/reverse_tcp spawn a command shell (staged). connect back to the attacker linux/x64/shell_bind_tcp listen for a connection and spawn a command shell linux/x64/shell_bind_tcp_random_port listen for a connection in a random port and spawn a command shell. use nmap to discover the open port: 'nmap -ss target -p-'. linux/x64/shell_find_port spawn a shell on an established connection linux/x64/shell_reverse_tcp connect back to attacker and spawn a command shell read more… categories: slae64 assembler shellcode linux tagged as: #shellcode #assembler #linux #x64 #metasploit #msfvenom security tube slae64 course - assessment 4 - custom encoding posted: 9 nov 2017 by codehead 7 minute read after completing the video lectures of the security tube linux 64 bit assembler expert course (slae64) , a series of assessments must be completed to gain certification. this is the forth assignment; create a custom encoder/decoder to disguise a shellcode payload. many security and threat monitoring tools rely on signature matching to identify bad code. a good way to avoid signature based detection is to obscure the content of a payload with encryption or encoding. the same payload can be repeatedly disguised with different obfuscation schemes. creating

URL analysis for codehead.co.uk

http://www.codehead.co.uk/acebear-2018-url-param/
http://www.codehead.co.uk/tags/command-injection/
http://www.codehead.co.uk/tags/crypto/
http://www.codehead.co.uk/projects/
http://www.codehead.co.uk/tags/php/
http://www.codehead.co.uk/slae64-03-egg-hunter/
http://www.codehead.co.uk/tags/python/
http://www.codehead.co.uk/slae64-04-custom-encoder/
http://www.codehead.co.uk/evlzctf-2018-typical/
http://www.codehead.co.uk/categories/linux/
http://www.codehead.co.uk/tags/metasploit/
http://www.codehead.co.uk/categories/hacking/
http://www.codehead.co.uk/tags/analysis/
http://www.codehead.co.uk/tags/gdb/
http://www.codehead.co.uk/categories/c/

Whois Information

Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;

Domain name:
codehead.co.uk

Registrant:
Walsh

Registrant type:
UK Individual

Registrant's address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.

Data validation:
Nominet was able to match the registrant's name and address against a 3rd party data source on 30-Mar-2016

Registrar:
XILO Communications Ltd. [Tag = XILO]
URL: https://www.xilo.net

Relevant dates:
Registered on: 07-Dec-2004
Expiry date: 07-Dec-2018
Last updated: 07-Dec-2016

Registration status:
Registered until expiry date.

Name servers:
ns4.xilo.net
ns5.xilo.net

WHOIS lookup made at 22:02:53 08-Jul-2017

--
This WHOIS information is provided for free by Nominet UK the central registry
for .uk domain names. This information and the .uk WHOIS are:

Copyright Nominet UK 1996 - 2017.

You may not access the .uk WHOIS or use any data from it except as permitted
by the terms of use available in full at http://www.nominet.uk/whoisterms,
which includes restrictions on: (A) use of the data for advertising, or its
repackaging, recompilation, redistribution or reuse (B) obscuring, removing
or hiding any or all of this notice and (C) exceeding query rate or volume
limits. The data is provided on an 'as-is' basis and may lag behind the
register. Access may be withdrawn or restricted at any time.

  REFERRER http://www.nominet.org.uk

  REGISTRAR Nominet UK

SERVERS

  SERVER co.uk.whois-servers.net

  ARGS codehead.co.uk

  PORT 43

  TYPE domain

OWNER

  ORGANIZATION Walsh

TYPE
UK Individual

ADDRESS
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.
Data validation:
Nominet was able to match the registrant's name and address against a 3rd party data source on 30-Mar-2016

DOMAIN

  SPONSOR XILO Communications Ltd. [Tag = XILO]

  CREATED 2004-12-07

  CHANGED 2016-12-07

STATUS
Registered until expiry date.

NSERVER

  NS4.XILO.NET 193.150.34.30

  NS5.XILO.NET 91.230.181.30

  NAME codehead.co.uk

DISCLAIMER
This WHOIS information is provided for free by Nominet UK the central registry
for .uk domain names. This information and the .uk WHOIS are:
Copyright Nominet UK 1996 - 2017.
You may not access the .uk WHOIS or use any data from it except as permitted
by the terms of use available in full at http://www.nominet.uk/whoisterms,
which includes restrictions on: (A) use of the data for advertising, or its
repackaging, recompilation, redistribution or reuse (B) obscuring, removing
or hiding any or all of this notice and (C) exceeding query rate or volume
limits. The data is provided on an 'as-is' basis and may lag behind the
register. Access may be withdrawn or restricted at any time.

  REGISTERED yes

Mistakes

The following list shows you to spelling mistakes possible of the internet users for the website searched .