Shiro550 vulnerability write-up (verification + exploitation + reverse shell)
Shiro550, as a classic HW vulnerability of 2020, attracted countless practitioners. In that year's exercise, many participants took core and hard targets across the country through Shiro550 and benefited a lot from taking part, on both the attack and defense sides. Although this is a local-test write-up written two years ago, the vulnera ...
Posted by Allan- on Thu, 10 Mar 2022 10:47:23 +0100
Defcon 2018 Qualify: Easy Pisy writeup
1. Source Code
The challenge provides two files:
execute.php
<?php
include 'common.php';
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
print highlight_string(file_get_contents("execute.php"), TRUE);
exit(0);
}
$keys = get_keys();
$privkey = $keys[0];
$pubkey = $keys[1];
$file_info = $_FILES['userf ...
Posted by pablodelapena on Sun, 20 Feb 2022 01:35:57 +0100
Exploring JNDI vulnerability exploitation
Recently I have studied some JNDI exploitation chains that experts have found, and I have benefited a lot from them. I am also trying to do some digging of my own into JNDI exploitation. At present, two problems come to mind in the process of using JNDI.
It is inconvenient to test, because every JNDI bypass chain needs the URL to be changed manu ...
Posted by eyaly on Sat, 19 Feb 2022 12:56:24 +0100
(CVE-2014-0160) OpenSSL Heartbleed vulnerability
Contents
Heartbleed
Vulnerability description
Vulnerability principle
Vulnerability reproduction
Attack using the MSF framework
Reproduction using the official PoC
Remediation
Heartbleed
Heartbleed, also referred to as the Heartbleed vulnerability, is a security vulnerability in the OpenSSL cryptographic library, which is ...
Posted by weevil on Wed, 09 Feb 2022 03:32:35 +0100
BUUCTF [WANGDING Cup 2018]Fakebook
Let's register an account and take a look:
Registration succeeds, as shown below:
Note that the name Wang Xiaoshuai is clickable, and the URL changes to: http://df1a9115-0e1d-43b2-97e0-2d5ba843acf8.node3.buuoj.cn/view.php?no=1 so SQL injection may exist. Let's try
?no=1 and 1=1
?no=1 and 1=2
The responses differ, so there is SQL ...
Posted by kurtis on Wed, 09 Feb 2022 01:09:34 +0100
DC-2 target penetration notes
Target environment setup
Attacker: Kali, IP address 192.168.75.128. Target: DC-1, IP address unknown. Download address: http://www.five86.com/downloads/DC-2.zip
Penetration process
1. Information gathering
1.1 IP address confirmation
Command: arp-scan -l, which scans all devices on the LAN (IP, MAC address ...
Posted by AmandaF on Tue, 01 Feb 2022 13:32:19 +0100
Big God forum: Ueditor rich-text web editor, latest version, XML file upload leads to stored XSS
1. XML file upload in the latest version of Ueditor leads to stored XSS
Test version: php v1.0 4.3.3
Download address: https://github.com/fex-team/ueditor
Reproduction steps:
1. Upload an image file
2. Capture and intercept the request with Burp Suite
3. Change the action type from uploadimage to uploadfile, change the file suffix to xml, and fi ...
Posted by sasquatch69 on Fri, 28 Jan 2022 21:41:50 +0100
Struts vulnerability collection
This is a summary of some Struts2 vulnerabilities. Although this part covers only a few vulnerabilities, it is still part of the learning process. The collection is not comprehensive and will be supplemented later.
The vulnerable environment can be set up with the online vulfocus platform or deployed with Docker.
S2-001 (CVE-2007-45 ...
Posted by TylerL on Mon, 24 Jan 2022 19:31:46 +0100
The engineers next door cried with envy over my reverse-engineering IDA and offered to rub my back and massage my feet
Main content
To meet process-behavior monitoring requirements, much security software has used hooking to intercept key system calls and block malware process creation. However, on the x64 architecture the system kernel has added many security protection measures, especially technologies like KDP, which makes th ...
Posted by StewardManscat on Thu, 20 Jan 2022 07:20:46 +0100
CVE-2020-0787: full-version Windows local privilege escalation vulnerability reproduction
0x00 Introduction
In March 2020, Microsoft disclosed the local privilege escalation vulnerability CVE-2020-0787, which affects essentially all versions of Windows. According to Microsoft's vulnerability description, an attacker who has logged in to the system as a low-privileged user can use this vulnerability to construct a malicious program and di ...
Posted by rmurdo on Tue, 18 Jan 2022 06:48:27 +0100