Programmer Think

primary coverage According to the monitoring requirements of process behavior, many security software used Hook technology to intercept key system calls to intercept malware process creation. However, under x64 architecture, the system kernel has done a lot of security detection measures, especially technologies like KDP, which makes th ...

Welcome new students ... ... If you are nameless, you can concentrate on practicing sword I am not a salted fish, but a dead fish! I have seen many installation tutorials of snort3 and snort2 on the Internet, especially the installation of snort3. Bloggers seriously doubt whether they have really installed successfully, People really w ...

0x00 introduction In March 2020, Microsoft announced a local privilege raising vulnerability CVE-2020-0787, which can be called the full version of windows. According to Microsoft's vulnerability description, an attacker can use this vulnerability to construct a malicious program after logging in to the system with a low privilege user, and di ...

0x01 Windows login credential theft The system password hash of Windows is generally composed of two parts by default: the first part is LM hash and the second part is NTLM hash. They are all in the form of hash encrypted user passwords. The format of hash password under Windows system is: user name: RID:LM-HASH value: NT-HASH value. F ...

Gongzong No.: Black palm A blogger who focuses on sharing penetration testing, hot spots in the hacker circle and hacker tool technology area! preface During intranet penetration, a WebShell or CobaltStrike, Metasploit, etc. are just the beginning. It is more about moving horizontally within the intranet, expanding the results and reaching ...

1. MSSQL overview MSSQL(MicroSoft SQL Server database) is a relational database management system DBMS developed by Microsoft. It is a large database and provides a complete solution from server to terminal. The database management system SSMS (SQL Server Management Studio) is an integrated development environment for establishing, using a ...

preface The video version of this article is available at station B: https://www.bilibili.com/video/BV1aq4y1X7oE?p=2 Burp Suite is an integrated penetration testing tool, which integrates a variety of penetration testing components, enabling us to better complete penetration testing and attacks on web applications automatically or manually. I ...

dataleak Two \ x00 can be skipped with "\ or / but each time" \ is used, 4 bytes will be copied to buf, so the last 3 bytes of data cannot be leaked. Therefore, / \ is used to control the leaked string with garbage data filling. exp: #!python #coding:utf-8 from pwn import * import subprocess, sys, os from time import sleep sa = l ...

1, Purpose of the experiment: 1. Understand what is htaccess file. 2. Through the upload labs game (Pass-04), master htaccess file parsing vulnerability technology. 2, Tools: cmd command line Firefox / Google browser 3, Experimental environment: Target machine: windows10 virtual machine: 192.168.100.150    & ...

DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor will I be responsible for any misuse or d ...