06 2019 Archive
Summary: Finding Bad Characters 1. Find the bad characters in the following website: https://bulbsecurity.com/finding-bad-characters-with-immunity-debugger-and-
Summary: Finding the Offset 1. Use the Metasploit pattern_create.rb tool to create 5900 characters. 2. Write the Python test script. The shellcode is copied fr
Summary: Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver - https://github.com/stephenbradshaw/vulnserver Immu
Summary: Introduction to Netcat Connecting vs Listening Bind Shells Attacker connects to victim on listening port Reverse Shells Victim connects to attacker on
Summary: DNS Enumeration 1. Host Tool host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa.
Summary: SMB Enumeration 1. Set the SMB configuration. Insert the global settings into the configuration file. 2. Enumerate the target computer and find some in
Summary: HTTP Enumeration Target Host IP: 10.0.0.20 Brute Forcing using DirBuster 1. Start DirBuster and set the options. Note: 1. The wordlist can be foun
Summary: Installing Kioptrix: Level 1 Download the VM from https://www.vulnhub.com/entry/kioptrix-level-1-1,22/. In Kali Linux: Find the devices in
Summary: Scanning with Metasploit: 1. Start Metasploit using msfconsole 2. Search modules 3. Choose one of the modules using the command: use + module name 4.
Summary: TCP vs UDP TCP: Connection-oriented Suited for applications that require high reliability [HTTP, FTP, Telnet] Three-way handshake UDP: Connectionless Sui
Summary: Common Tools Google Exploit-DB/Google Hacking DB WHOIS Netcraft theharvester Example: Google search: site:cnn.com -site:www.cnn.com filetype:pdf More
Summary: Install Kali Linux: https://www.kali.org/ Common Commands: pwd man ls ls -la cd mkdir rmdir cp mv locate adduser su sudo echo cat nano chmod chmod 77
Summary: Prerequisites: Knowledge of scripting languages (Bash/Python) Understanding of basic networking concepts Understanding of basic Linux syntax A "Try Hard
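Summary: 1. Click a Host and choose a different colour to set its severity; 2. Generate an HTML application analysis report: select all entries -> right-click the URL, save all selected items, with HTML as the storage format.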
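Summary: Module function: In the Extender module, custom code can be used to perform custom Burp operations. 1. The Burp Extensions page 2. In the BApp Store you can purchase and install extensions written by others 3. In the APIs tab you can create your own Burp extension operations; 4. Custom settings for the Java, Python and Ruby environments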
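Summary: Virtual target website: http://10.0.0.15/orangehrm/login.php (OrangeHRM) - this site can be set up using the OWASP virtual machine. Simulated attack steps: 1. Set the browser proxy and intercept traffic; 2. Right-click and choose Send to Intruder to prepare the password attack; 3. In Intruder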
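Summary: Sequencer is mainly used to process and analyse tokens. Target website: http://testaspnet.vulnweb.com/ (1) Intercept the data stream through the proxy. (2) Send to Sequencer, then click Start Live Capture. (3) As shown below, the token processing and analysis results are displayed in a new window.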
Summary: Official reference: https://portswigger.net/burp/documentation/desktop/tools/decoder This module mainly performs encoding and decoding; the supported encodings are: Plain, URL, HTML, Base64, ASCII hex, Hex, Octal, Binary, Gzip
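Summary: Purpose: save time when analysing web applications. Target: http://10.0.0.15/getboo/login.php By adjusting the Request parameters and retrying, you check the status in the Response, which saves the time of doing the same in a browser.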
Summary: Reference: https://portswigger.net/burp/documentation/desktop/tools/intruder/using Main idea: in the Intruder module, set Target, Positions, Payloads and Options, then start the attack. Brute-Force A
Summary: The Scanner feature of Burp Suite Professional and Enterprise Version is relatively rich. Taking the Professional version as an example, it includes the functional blocks Issue activity, Scan queue, Live scanning, Issue definitions and Options
Summary: Web application spidering and scanning can be used together. The Spider Module - Options in Burp Suite mainly includes: Crawler Settings, Passive Spidering, Form Submission, Application