Service detectionPort detectionroot@ip-10-10-208-107:~# nmap -p- 10.10.59.205 --open
Starting Nmap 7.60 ( https://nmap.org ) at 2022-03-04 02:48 GMT
Nmap scan report for ip-10-10-248-133.eu-west-1.compute.internal (10.10.59.205)
Host is up (0.0039s latency).
Not shown: 61918 closed ports, 3588 filtered ports
Some closed ports may be reported a ...
Posted by nemesis1931 on Sat, 05 Mar 2022 04:51:10 +0100
Range: hackmyvm eu
Target name: Worrosion3
Release time: February 18, 2022
Target: 2 flag s
Attack aircraft:VMware kali 192.168.7.3
Target plane:Vbox linux IP Automatic acquisit ...
Posted by Fluoresce on Tue, 01 Mar 2022 13:43:05 +0100
In this paper, the bypass technology of SQL injection for web security is explained in detail, and the principle and application method of SQL injection bypass technology are more deeply mastered through the content in this paper, so as to be better used in penetration testing; The contents of the article are all compiled by personal understand ...
Posted by newbiehacker on Sat, 26 Feb 2022 13:14:26 +0100
It's said that linux raised the right, but when sorting out, you involuntarily wrote the contents of windows, which turned into a hodgepodge. You don't know whether it's good or bad
FuzzySecurity | Windows Privilege Escalation Fundamentals
Posted by themaxx113 on Wed, 09 Feb 2022 02:05:45 +0100
This paper introduces in detail how to use Metasploit to create attack payload (using attack payload generator msfvenom), and how to avoid killing and shell the attack payload, so as to break through the anti-virus software
1, Avoid killing
No killing literally means to avoid being killed. To be precise, when the created atta ...
Posted by jaydeesmalls on Wed, 02 Feb 2022 17:46:14 +0100
The 30 second response speed set by this target is really desperate. Seriously, you can play with your mobile phone for half a day every time you do an action
nmap -sS -p 1-65535 10.10.10.11
Starting Nmap 7.91 ( https://nmap.org ) at 2022-01-03 15:31 CST
Nmap scan report for 10.10.10.11
Host is up (0.28s latency).
Not s ...
Posted by pgrevents on Sun, 30 Jan 2022 06:10:34 +0100
Analysis of patrol source code -- detailed understanding and use
Patrol is a quick emergency and cruise scanning system for vulnerabilities in the enterprise intranet.
View the internal network asset distribution, specify the vulnerability plug-in, quickly detect the vulnerability of the search results, and output the result report
Posted by JeanieTallis on Sat, 29 Jan 2022 11:58:38 +0100
Collected several common functions in file upload and utilization. An in-depth understanding of these functions should contribute to the smooth upload and utilization of files.
1. deld ...
Posted by jd023 on Tue, 25 Jan 2022 11:18:02 +0100
Struts vulnerability collection
Some Strtus2 vulnerabilities are summarized. Although there are few vulnerabilities in this part, it is also a part of learning. The collection is not comprehensive, and will be supplemented later.
The vulnerability environment can be built using the online vulfucus or deployed using docker
S2-001 (CVE-2007-45 ...
Posted by TylerL on Mon, 24 Jan 2022 19:31:46 +0100
Gongzong No.: black palm A blogger who focuses on sharing network security, hot spots in the hacker circle and hacker tool technology area!
The vulnerability bounty program for discovering this vulnerability does not allow public disclosure, so I will not directly use the system name involved. The project is one of the projects t ...
Posted by monkey72 on Fri, 21 Jan 2022 13:55:43 +0100