[Tryhackme]Enterprise(Unquoted Service Paths)

Service detection Port detection root@ip-10-10-208-107:~# nmap -p- 10.10.59.205 --open Starting Nmap 7.60 ( https://nmap.org ) at 2022-03-04 02:48 GMT Nmap scan report for ip-10-10-248-133.eu-west-1.compute.internal (10.10.59.205) Host is up (0.0039s latency). Not shown: 61918 closed ports, 3588 filtered ports Some closed ports may be reported a ...

Posted by nemesis1931 on Sat, 05 Mar 2022 04:51:10 +0100

Penetration test exercise No.45 HackMyVm Worrosion3

Target information Download address: https://hackmyvm.eu/machines/machine.php?vm=Corrosion3 Range: hackmyvm eu Target name: Worrosion3 Difficulty: simple Release time: February 18, 2022 Prompt: nothing Target: 2 flags Experimental environment Attack machine: VMware kali 192.168.7.3 Target machine: Vbox linux IP Automatic acquisit ...

Posted by Fluoresce on Tue, 01 Mar 2022 13:43:05 +0100

SQL injection bypass technology for web Security

In this paper, the bypass technology of SQL injection for web security is explained in detail, and the principle and application method of SQL injection bypass technology are more deeply mastered through the content in this paper, so as to be better used in penetration testing. The contents of the article are all compiled by personal understand ...

Posted by newbiehacker on Sat, 26 Feb 2022 13:14:26 +0100

Shooting range weight raising collection

It's said that linux raised the right, but when sorting out, you involuntarily wrote the contents of windows, which turned into a hodgepodge. You don't know whether it's good or bad https://github.com/sagishahar/lpeworkshop Windows Rights: FuzzySecurity | Windows Privilege Escalation Fundamentals https://github.com/netbiosX/Checklis ...

Posted by themaxx113 on Wed, 09 Feb 2022 02:05:45 +0100

Use Metasploit to generate attack payload - msfvenom free killing and upx shelling

preface This paper introduces in detail how to use Metasploit to create attack payload (using attack payload generator msfvenom), and how to avoid killing and shell the attack payload, so as to break through the anti-virus software 1, Avoid killing No killing literally means to avoid being killed. To be precise, when the created atta ...

Posted by jaydeesmalls on Wed, 02 Feb 2022 17:46:14 +0100

HTB range series Windows target and Arctic target

The 30 second response speed set by this target is really desperate. Seriously, you can play with your mobile phone for half a day every time you do an action prospecting nmap nmap -sS -p 1-65535 10.10.10.11 Starting Nmap 7.91 ( https://nmap.org ) at 2022-01-03 15:31 CST Nmap scan report for 10.10.10.11 Host is up (0.28s latency). Not s ...

Posted by pgrevents on Sun, 30 Jan 2022 06:10:34 +0100

Same journey SRC Patrol - intranet vulnerability emergency cruise scanning system

Analysis of patrol source code -- detailed understanding and use Patrol is a quick emergency and cruise scanning system for vulnerabilities in the enterprise intranet. View the internal network asset distribution, specify the vulnerability plug-in, quickly detect the vulnerability of the search results, and output the result report Portal ...

Posted by JeanieTallis on Sat, 29 Jan 2022 11:58:38 +0100

[PHP] common functions for file upload

preface Collected several common functions in file upload and utilization. An in-depth understanding of these functions should contribute to the smooth upload and utilization of files. Indexes 1. deldot 2. in_array 3. intval 4. strrchr 5. strtolower 6. strrpos 7. str_ireplace 8. strstr 9. substr 10. trim Common functions 1. deld ...

Posted by jd023 on Tue, 25 Jan 2022 11:18:02 +0100

Struts vulnerability collection

Struts vulnerability collection Some Struts2 vulnerabilities are summarized. Although there are few vulnerabilities in this part, it is also a part of learning. The collection is not comprehensive, and will be supplemented later. The vulnerability environment can be built using the online vulfocus or deployed using docker S2-001 (CVE-2007-45 ...

Posted by TylerL on Mon, 24 Jan 2022 19:31:46 +0100

Record once from blind SSRF to RCE

Gongzong No.: black palm A blogger who focuses on sharing network security, hot spots in the hacker circle and hacker tool technology area! I. Preface The vulnerability bounty program for discovering this vulnerability does not allow public disclosure, so I will not directly use the system name involved. The project is one of the projects t ...

Posted by monkey72 on Fri, 21 Jan 2022 13:55:43 +0100