摘要:
利用ilspy将bagel.dll打开 关于此目录有可以说的内容 目录解析 最上方的bagel是组装名字(assemble name) bagel_server 是命令空间(namespace) 下一级分支是类如File,Base,Handler,Orders等(class) 反序列化导致的命令执行 阅读全文
摘要:
Recon NMAP SCAN namp -sT -p- --min-rate 1000 -oA nmap/ports 10.10.10.10522/tcp open ssh 80/tcp open http nmap -sT -pxx,xx -sV -oA nmap/version 10.10.1 阅读全文
摘要:
This is the write up for the medium machine 'onlyrforyou'. Topic covered in this article are: LFI,commnad injection,neo4j cipher injection,malicious p 阅读全文
摘要:
Injections How to inject Injectable query Injection Macth (o) where o.Id='{input}' 'OR 1=1 with 0 as _l00 {...} RETURN 1 // MATCH (o) wehre '{input}' 阅读全文
摘要:
首先区别是: wget、axel和aria2都是在命令行下使用的下载工具,但它们在功能和特性上有一些区别。 wget是最基础的命令行下载工具,它支持HTTP、HTTPS和FTP协议,并且可以在慢速或不稳定的网络连接下保持健壮性。如果下载过程中发生网络问题,wget会尝试重新下载,直到整个文件下载完成 阅读全文
摘要:
Common Loophole Fingerprint Feature title="+ ID_VC_Welcome +" Search for Vcenter version Method 1 route: /sdk/vimServiceVersions.xml Method 2 By calli 阅读全文
摘要:
This text introduce a new domain lateral movement technology--PTC(certificate transport attack).Introducing a new kind of DC certification utiliz thin 阅读全文
摘要:
Ansible_vault hash decrypt Copy those ansible_vault hash to three file named pwm_admin_login_vault pwm_admin_password_vault ldap_admin_password_vault 阅读全文
摘要:
Initial Gobuster to discover the webcontents. When we brute-force a directory path, if one dictionary doesn't give us any useful information, we can c 阅读全文
摘要:
ImageMagick The ImageMagick is the tool modify the picture. The function of ImageMagick is ELF file named magick. The vulnerability version of ImageMa 阅读全文