TryHackMe learning notes - The Cod Caper
summary
Continue the learning record of TryHackMe. This time, the target is The Cod Caper, and the content is from Web vulnerability exploitation to buffer overflow.
After starting the target, the IP address of the target is 10.10 one hundred and sixty-two point one seven seven
Port scan
nmap port scan found 2 ports open
nmap -Pn --o ...
Posted by Daisy Cutter on Sat, 18 Dec 2021 20:12:04 +0100
[HTB] Sense (directory with specified extension)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Posted by shortkid422 on Sat, 11 Dec 2021 10:04:10 +0100
[Tryhackme] Gatekeeper (Buffer overflow vulnerability, firefox user credential information cracking)
DisclaimerThe host penetrated by this article is legally authorized. The tools and methods used in this article are only for learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal use. I will not be responsible for any consequences or any misuse or damage caused.Service Probe┌──(root ...
Posted by dzoddi on Wed, 24 Nov 2021 21:20:47 +0100
Briefly explain how to bypass PHP disable_function
preface
In the penetration test, sometimes the command cannot be executed after getting the webshell. In order to successfully raise the right, we need to bypass disable_function
disable_ Introduction to function
disable_ Functions is a setting option in php.ini. It can be used to set the PHP environment to prohibit the use of some fu ...
Posted by chrima on Mon, 01 Nov 2021 09:30:01 +0100
File Upload Counter Springboard Site
This article mainly introduces the process of obtaining an attacker's IP through a hacker's springboard site, using the previous information collection to conduct penetration tests on the springboard site, and step by step to obtain the attacker's attack tactics, tools and IP.
1. Event Background
This article focuses on the actual use of file ...
Posted by adriaan on Mon, 13 Sep 2021 23:48:48 +0200