摘要: 利用ilspy将bagel.dll打开 关于此目录有可以说的内容 目录解析 最上方的bagel是组装名字(assemble name) bagel_server 是命令空间(namespace) 下一级分支是类如File,Base,Handler,Orders等(class) 反序列化导致的命令执行 阅读全文
posted @ 2024-07-02 20:02 lisenMiller 阅读(15) 评论(0) 推荐(0) 编辑
摘要: Recon NMAP SCAN namp -sT -p- --min-rate 1000 -oA nmap/ports 10.10.10.10522/tcp open ssh 80/tcp open http nmap -sT -pxx,xx -sV -oA nmap/version 10.10.1 阅读全文
posted @ 2024-03-24 17:43 lisenMiller 阅读(13) 评论(0) 推荐(0) 编辑
摘要: This is the write up for the medium machine 'onlyrforyou'. Topic covered in this article are: LFI,commnad injection,neo4j cipher injection,malicious p 阅读全文
posted @ 2024-03-11 15:49 lisenMiller 阅读(22) 评论(0) 推荐(0) 编辑
摘要: Injections How to inject Injectable query Injection Macth (o) where o.Id='{input}' 'OR 1=1 with 0 as _l00 {...} RETURN 1 // MATCH (o) wehre '{input}' 阅读全文
posted @ 2024-03-08 15:13 lisenMiller 阅读(8) 评论(0) 推荐(0) 编辑
摘要: 首先区别是: wget、axel和aria2都是在命令行下使用的下载工具,但它们在功能和特性上有一些区别。 wget是最基础的命令行下载工具,它支持HTTP、HTTPS和FTP协议,并且可以在慢速或不稳定的网络连接下保持健壮性。如果下载过程中发生网络问题,wget会尝试重新下载,直到整个文件下载完成 阅读全文
posted @ 2024-02-23 10:16 lisenMiller 阅读(384) 评论(0) 推荐(0) 编辑
摘要: Common Loophole Fingerprint Feature title="+ ID_VC_Welcome +" Search for Vcenter version Method 1 route: /sdk/vimServiceVersions.xml Method 2 By calli 阅读全文
posted @ 2024-02-22 15:06 lisenMiller 阅读(33) 评论(0) 推荐(0) 编辑
摘要: This text introduce a new domain lateral movement technology--PTC(certificate transport attack).Introducing a new kind of DC certification utiliz thin 阅读全文
posted @ 2024-02-19 10:34 lisenMiller 阅读(194) 评论(0) 推荐(0) 编辑
摘要: Ansible_vault hash decrypt Copy those ansible_vault hash to three file named pwm_admin_login_vault pwm_admin_password_vault ldap_admin_password_vault 阅读全文
posted @ 2024-02-02 11:30 lisenMiller 阅读(48) 评论(0) 推荐(0) 编辑
摘要: Initial Gobuster to discover the webcontents. When we brute-force a directory path, if one dictionary doesn't give us any useful information, we can c 阅读全文
posted @ 2024-01-23 16:18 lisenMiller 阅读(35) 评论(0) 推荐(0) 编辑
摘要: ImageMagick The ImageMagick is the tool modify the picture. The function of ImageMagick is ELF file named magick. The vulnerability version of ImageMa 阅读全文
posted @ 2024-01-19 15:13 lisenMiller 阅读(13) 评论(0) 推荐(0) 编辑