01 2024 档案
摘要:Initial Gobuster to discover the webcontents. When we brute-force a directory path, if one dictionary doesn't give us any useful information, we can c
阅读全文
摘要:ImageMagick The ImageMagick is the tool modify the picture. The function of ImageMagick is ELF file named magick. The vulnerability version of ImageMa
阅读全文
摘要:File Inclusion vulnerability In the PHP Configuration,"allow_url_include" wrapper by-default set to "Off" which instruct PHP not ot load remote HTTP o
阅读全文
摘要:ThemeBleed exploit Windows run the Theme.exe which occupy the 445 port.We need to open the services interface and stop the service. 1.Generate the The
阅读全文
摘要:CONNECT between windows and linux Bloodhound Collection Grab the latest copy of SharpHound.exe from the Bloodhound repo,upload it to Outdated,working
阅读全文
摘要:碰瓷类型 X-Frame-Options 风险名称 点击劫持:X-Frame-Options响应头丢失 风险级别 中风险 风险描述 返回的响应头信息中没有包含x-frame-options头信息设置,点击劫持(ClickJacking)允许攻击者使用一个透明的iframe,覆盖在一个网页上,然后诱使
阅读全文
摘要:PyWhisker If we use pyWhisker,we need to have credential. With creds,I can try to remotely run PyWhisker.It fails: python3 /opt/pywhisker/pywisker.py
阅读全文
摘要:Briefly Microsoft ensure that a new local escalate loophole. This loophole allow low permission user access the system file of Windows. The user which
阅读全文
摘要:WSUS Introduction WSUS is a Microsoft solution for administrators to deploy Microsoft product updates and patches across an environment in a scalable
阅读全文
摘要:RECON TLS certificate openssl s_client -showcerts -connect 10.10.11.202:3269 | openssl x509 -noout -text- "openssl s_client" initiates an SSL/TLS conn
阅读全文
