Learning notes on the basis of reverse shelling analysis 9. C language inline assembly and three call protocol naked functions
This article is for me in Great God Forum Learning reverse cracking shelling is one of the learning notes. It is my review and summary of what I have learned in the past. There may be fallacies. You are welcome to point out. Notes will be released one after another, hoping to help Mengxin who wants to get started and make progress together
C l ...
Posted by dcinadr on Sat, 25 Dec 2021 08:01:34 +0100
016 layer 3 switching technology and HSRP
1: Three layer switching technology
1.1: General
summary:
Layer 3 switch:
1: layer 3 switch = Layer 3 routing (but it can't be completely used as a router, generally only as a router) vlan Network segment connection) + Layer 2 switch is essentially a layer 2 device
2: The layer 3 routing function can be turned on and off. It can onl ...
Posted by peter11 on Fri, 24 Dec 2021 18:07:17 +0100
5, Switch division VLAN configuration
Experimental objectives:
Understand the basic configuration of virtual LAN (VLAN)Master the configuration method of VLAN divided by port of general switchMaster the configuration method of Tag VLAN
Experimental background:
The PCs of the finance department and the sales department in a company communicate through two switches. It is required ...
Posted by kanenas.net on Fri, 24 Dec 2021 16:05:58 +0100
Flow analysis exercise 2
Title: 1 pcap
Problem solution
This file is not small. It is preliminarily inferred that there will be files in this session. There should be files in it. I threw it into binwalk and tried it. There was nothing. Can only honestly do traffic analysis. Statistics, a function in wireshark, can classify and count the packet size and protocol ...
Posted by dycero on Mon, 20 Dec 2021 13:14:09 +0100
2021 ciscn online pwn silverwolf
It's obviously all green.
add Only one chunk can be controlled, and the size is limited.
edit End with enter. There is an off by null.
show Just output.
free There's a uaf.
In fact, compared with lonelywolf, it just opens a sandbox.
From the whole point of view, that index is the kind to tease you. libc gave 2.27 at that time, but it wa ...
Posted by rubberjohn on Sun, 19 Dec 2021 18:26:40 +0100
12 java Security -- java deserialization CC7 chain analysis
Before analyzing the CC7 chain, you need to have a certain understanding of the source code of the Hashtable set.
In terms of thinking, I think the CC7 utilization chain is more like a transformation from the CC6 utilization chain, but the CC7 chain does not use HashSet, but uses Hashtable to construct a new utilization chain.
After testing ...
Posted by troybtj on Sun, 19 Dec 2021 17:08:40 +0100
Software security experiment -- LAN DDoS attack
Experimental task
The IP address in the LAN is 10.12 186.186 host (firewall closed) initiates DDoS attack based on network traffic.
Experimental process
DoS attack and DDoS attack
DOS is short for Denial of Service. The attack that causes DOS is called DoS attack. Its purpose is to make the computer or network unable to provide normal s ...
Posted by ureck on Sun, 19 Dec 2021 02:08:25 +0100
TryHackMe learning notes - The Cod Caper
summary
Continue the learning record of TryHackMe. This time, the target is The Cod Caper, and the content is from Web vulnerability exploitation to buffer overflow.
After starting the target, the IP address of the target is 10.10 one hundred and sixty-two point one seven seven
Port scan
nmap port scan found 2 ports open
nmap -Pn --o ...
Posted by Daisy Cutter on Sat, 18 Dec 2021 20:12:04 +0100
Introduction to kernel pwn ciscn2017_babydrive UAF
The first time to start the kernel problem depends on the reproduction of fmyy master's blog. After the reproduction, I have a general understanding of the use of uaf in the kernel. Problem solving steps: 1. Write a blog with a short talk. The topic gives us a compressed package and decompresses it. It is found that there is no vmlinux. Therefo ...
Posted by vimukthi on Sat, 18 Dec 2021 17:00:39 +0100
WMCTF 2021 pwn dy_maze writeup
after three days of hard work (fishing and paddling √), WMCTF 2021 is finally over, and our Mengxin experience team has also achieved the top 30 results with the joint efforts of everyone, which is really beyond my expectation. However, for our first game, the results are the most important aspect. The seriousness and concentration ...
Posted by timtom3 on Sat, 18 Dec 2021 13:03:19 +0100