The engineers next door were drooling over my reverse engineering with IDA and said they would rub my back and massage my feet
Main content
To meet process-behavior monitoring requirements, much security software uses hooking to intercept key system calls and thereby block malware process creation. On the x64 architecture, however, the kernel has added many protection measures, in particular technologies such as KDP (Kernel Data Protection), which makes th ...
Posted by StewardManscat on Thu, 20 Jan 2022 07:20:46 +0100
[IDS Road] Detailed installation tutorial for the latest Snort3 and Snort2
Welcome, new students ... If you are nameless, you can concentrate on practicing your sword
I am not a salted fish, but a dead fish!
I have seen many installation tutorials for Snort3 and Snort2 on the Internet, especially for Snort3, and this blogger seriously doubts whether their authors really installed it successfully. People really w ...
Posted by t0ta11 on Wed, 19 Jan 2022 07:08:04 +0100
CVE-2020-0787: reproducing the Windows (all versions) local privilege escalation vulnerability
0x00 Introduction
In March 2020, Microsoft disclosed a local privilege escalation vulnerability, CVE-2020-0787 (in the Background Intelligent Transfer Service, BITS), which affects essentially every version of Windows. According to Microsoft's description, an attacker who has logged in to the system as a low-privileged user can construct a malicious program and di ...
Posted by rmurdo on Tue, 18 Jan 2022 06:48:27 +0100
Several methods of credential theft
0x01 Windows login credential theft
By default, the password hash that Windows stores for an account consists of two parts: an LM hash and an NT hash (commonly called the NTLM hash). Both are one-way hashes of the user's password, not encrypted copies of it. The LM hash is weak (the password is uppercased, padded to 14 bytes, split into two 7-byte halves and each half used as a DES key) and has not been stored by default since Windows Vista / Server 2008; on such systems the LM field holds the fixed value aad3b435b51404eeaad3b435b51404ee. The NT hash is an unsalted MD4 of the UTF-16LE password, so it can be cracked offline or used directly in pass-the-hash attacks.
The format of a dumped hash line on Windows (pwdump / hashdump format) is: username:RID:LM-hash:NT-hash:::
F ...
Posted by falcon8253 on Sun, 16 Jan 2022 00:42:50 +0100
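As an added example that is not from the original post, here is a small Python tool for working with dumped hashes in the format described above: it parses pwdump-style lines, flags accounts whose LM field holds the disabled-LM marker or whose NT field is the blank-password hash, and recomputes the NT hash (unsalted MD4 over the UTF-16LE password) so that a candidate password can be checked offline. MD4 is implemented inline because many OpenSSL 3 builds no longer expose it through hashlib; the two dump lines in SAMPLE_DUMP are constructed, and the account names and RIDs are illustrative.

```python
"""Parse pwdump-style Windows hash lines and recompute NT hashes.

Added example, not code from the original post. MD4 is implemented inline
because hashlib's md4 is missing on many OpenSSL 3 builds. SAMPLE_DUMP is
constructed for illustration.
"""
import struct
from dataclasses import dataclass

MASK = 0xFFFFFFFF
# Fixed LM value stored when LM hashing is disabled (LM hash of the empty string).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
# NT hash of the empty string, i.e. an account with a blank password.
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"


def _lrot(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & MASK


def _md4_round(r, X, f, order, shifts, const):
    # Step i updates register (-i) % 4 using the other three in rotating order,
    # which reproduces the a/d/c/b update sequence of RFC 1320.
    for i in range(16):
        j = (-i) % 4
        x, y, z = r[(j + 1) % 4], r[(j + 2) % 4], r[(j + 3) % 4]
        r[j] = _lrot((r[j] + f(x, y, z) + X[order[i]] + const) & MASK, shifts[i % 4])


def md4(data: bytes) -> bytes:
    """RFC 1320 MD4 (the NT hash is MD4 with no salt)."""
    msg = bytearray(data) + b"\x80"
    while len(msg) % 64 != 56:
        msg.append(0)
    msg += struct.pack("<Q", len(data) * 8)  # bit length, little-endian
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    f1 = lambda x, y, z: (x & y) | (~x & z)
    f2 = lambda x, y, z: (x & y) | (x & z) | (y & z)
    f3 = lambda x, y, z: x ^ y ^ z
    for off in range(0, len(msg), 64):
        X = list(struct.unpack("<16I", msg[off:off + 64]))
        r = state[:]
        _md4_round(r, X, f1, list(range(16)), (3, 7, 11, 19), 0)
        _md4_round(r, X, f2, [(i % 4) * 4 + i // 4 for i in range(16)],
                   (3, 5, 9, 13), 0x5A827999)
        _md4_round(r, X, f3, [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15],
                   (3, 9, 11, 15), 0x6ED9EBA1)
        state = [(s + v) & MASK for s, v in zip(state, r)]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> str:
    """NT hash = MD4(UTF-16LE(password)), lowercase hex as in a pwdump line."""
    return md4(password.encode("utf-16-le")).hex()


@dataclass
class HashEntry:
    user: str
    rid: int
    lm: str
    nt: str

    @property
    def lm_stored(self) -> bool:
        # A crackable LM hash is present only if the field is not the disabled marker.
        return self.lm != EMPTY_LM

    @property
    def blank_password(self) -> bool:
        return self.nt == EMPTY_NT


def parse_pwdump(text: str) -> list:
    """Parse 'user:RID:LM:NT:::' lines, rejecting malformed fields."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 4:
            raise ValueError(f"malformed pwdump line: {line!r}")
        user, rid, lm, nt = parts[:4]
        if len(lm) != 32 or len(nt) != 32:
            raise ValueError(f"hash fields must be 32 hex chars: {line!r}")
        entries.append(HashEntry(user, int(rid), lm.lower(), nt.lower()))
    return entries


def check_candidate(entry: HashEntry, candidate: str) -> bool:
    """Offline check of a guessed password against the stored NT hash."""
    return nt_hash(candidate) == entry.nt


# Constructed sample dump: two local accounts, LM storage disabled on both.
SAMPLE_DUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

if __name__ == "__main__":
    for e in parse_pwdump(SAMPLE_DUMP):
        print(f"{e.user} (RID {e.rid}): LM stored={e.lm_stored}, "
              f"blank={e.blank_password}, is 'password'={check_candidate(e, 'password')}")
```

The constructed Administrator line carries the NT hash of the string "password"; the LM field on both lines is the fixed value Windows stores when LM hashing is disabled, so there is nothing to crack there, and the NT hash alone is what pass-the-hash tooling relays.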
Hard-core content! Summary of common intranet penetration methods
Official account: Black Palm. A blogger who focuses on sharing penetration testing, hacker-circle news and hacker tooling!
preface
During intranet penetration, obtaining a WebShell or a CobaltStrike / Metasploit session is just the beginning; the real work is lateral movement within the intranet, expanding the foothold and reaching ...
Posted by Crashin on Sat, 15 Jan 2022 23:04:25 +0100
Common methods of SQL Server privilege escalation on Windows
1. MSSQL overview
MSSQL (Microsoft SQL Server) is a relational database management system (DBMS) developed by Microsoft. It is a large-scale database that provides a complete solution from server to client. SQL Server Management Studio (SSMS) is the integrated environment for creating, using a ...
Posted by jxrd on Fri, 14 Jan 2022 21:42:09 +0100
Burp Suite 2021 series: environment configuration and cracked installation
preface
The video version of this article is available on Bilibili: https://www.bilibili.com/video/BV1aq4y1X7oE?p=2
Burp Suite is an integrated penetration testing platform that bundles a variety of testing components, enabling us to carry out penetration tests and attacks against web applications either automatically or manually. I ...
Posted by SueHubert on Fri, 14 Jan 2022 03:20:25 +0100
CTF pwn track: selected problem writeups
dataleak
Two \x00 bytes can be skipped with "\" or "/", but each time "\" is used, 4 bytes are copied to buf, so the last 3 bytes of data cannot be leaked. Therefore "/\" is used, with garbage-data padding, to control the leaked string.
exp:
#!python
#coding:utf-8
from pwn import *
import subprocess, sys, os
from time import sleep
sa = l ...
Posted by jasongr on Wed, 12 Jan 2022 12:09:40 +0100
[File upload bypass] Parsing vulnerabilities: the .htaccess file parsing vulnerability
1. Purpose of the experiment:
(1) Understand what an .htaccess file is. (2) Master the .htaccess file parsing vulnerability technique through the upload-labs challenge (Pass-04).
2. Tools:
cmd command line, Firefox / Google Chrome browser
3. Experimental environment:
Target machine: Windows 10 virtual machine: 192.168.100.150 & ...
Posted by prasitc2005 on Mon, 10 Jan 2022 23:58:22 +0100
[HTB] Bastard (missing patch enumeration; user permissions: SeImpersonatePrivilege, JuicyPotato)
Disclaimer: The host penetrated in this article was legally authorized. The tools and methods used in this article are limited to learning and exchange. Please do not use the tools and ideas in this article for any illegal purpose. I will not bear any responsibility for any consequences, nor will I be responsible for any misuse or d ...
Posted by Hitwalker on Mon, 10 Jan 2022 12:04:43 +0100