Shiro550, as a classic vulnerability of HW in 2020, has attracted countless heroes to bow down. In that year's competition, many students won the core targets and difficult targets all over the country through 550. They benefited a lot from their participation, both in attack and defense. Although it is a local test WP written two years ago, the vulnera ...
Posted by Allan- on Thu, 10 Mar 2022 10:47:23 +0100
Recently, I have learned some JNDI vulnerability utilization chains that master is looking for, and I have benefited a lot. I also try to do some mining on JNDI vulnerability utilization. At present, I think of two questions in the process of JNDI utilization.
It is inconvenient to test that every JNDI Bypass chain needs to change the URL manu ...
Posted by eyaly on Sat, 19 Feb 2022 12:56:24 +0100
Attack using MSF framework
Reproduce using official POC
Heartbleed (English: heartbleed), also referred to as heartbleed vulnerability, is a security vulnerability that appears in the encryption library OpenSSL, which is ...
Posted by weevil on Wed, 09 Feb 2022 03:32:35 +0100
Let's register an account to see:
Successful registration is as follows:
It should be noted here that Wang Xiaoshuai can be clicked, and the URL changes to http://df1a9115-0e1d-43b2-97e0-2d5ba843acf8.node3.buuoj.cn/view.php?no=1, so SQL injection may exist. Let's try:
?no=1 and 1=1
?no=1 and 1=2
The echo is different. There is SQL ...
Posted by kurtis on Wed, 09 Feb 2022 01:09:34 +0100
DC-2 target penetration notes
Target environment construction
Attack Infiltrator: Kali, IP address: 192.168.75.128
Target: DC-1, IP address unknown
Download address: http://www.five86.com/downloads/DC-2.zip
1. Information collection
1.1 IP address confirmation
Command: arp-scan -l scans all LAN devices (IP, MAC address ...
Posted by AmandaF on Tue, 01 Feb 2022 13:32:19 +0100
1, The upload of the latest version of Ueditor XML file leads to stored XSS
Test version: php v1.0 4.3.3
Download address: https://github.com/fex-team/ueditor
Reproduction steps:
1. Upload a picture file
2. Then, use Burp Suite to capture and intercept the packets
3. Change the uploadimage type to uploadfile, modify the file suffix to xml, and fi ...
Posted by sasquatch69 on Fri, 28 Jan 2022 21:41:50 +0100
Struts vulnerability collection
Some Struts2 vulnerabilities are summarized. Although there are few vulnerabilities in this part, it is also a part of learning. The collection is not comprehensive, and will be supplemented later.
The vulnerability environment can be built using the online Vulfocus or deployed using Docker
S2-001 (CVE-2007-45 ...
Posted by TylerL on Mon, 24 Jan 2022 19:31:46 +0100
To meet process behavior monitoring requirements, many security products use hooking to intercept key system calls and block malware process creation. However, under x64 architecture, the system kernel has done a lot of security detection measures, especially technologies like KDP, which makes th ...
Posted by StewardManscat on Thu, 20 Jan 2022 07:20:46 +0100
In March 2020, Microsoft announced a local privilege escalation vulnerability CVE-2020-0787, which can be called the full version of Windows. According to Microsoft's vulnerability description, an attacker can use this vulnerability to construct a malicious program after logging in to the system with a low privilege user, and di ...
Posted by rmurdo on Tue, 18 Jan 2022 06:48:27 +0100