weblogic ssrf vulnerability [CVE-2014-4210]
Vulnerability overview There is an SSRF vulnerability in the SearchPublicRegistries.jsp page of weblogic's uddiexplorer component classificationdetailsVulnerability numberCVE-2014-4210Types of vulnerabilitiesSSRFImpact versionweblogic 10.0.2 – 10.3.6 The reappearance of vulhub Construction of UTF-8...
Posted by aditya2071990 on Sat, 19 Jun 2021 02:49:58 +0930
[file upload bypass] - back end detection_ File name detection 00 truncation bypass
1, Purpose of the experiment: 1. Master the principle of 00 truncation through this experiment. 2. Master the 00 truncation bypass technology through the upload labs master game Pass-11 and Pass-12. 2, Tools: BurpSuite Firefox / Google browser 3, Experimental environment: Target machine: windoUTF-8...
Posted by arcarocket on Fri, 13 Aug 2021 02:49:55 +0930
ctfshow web starter blasting
Catalog web21 web22 web23 web24 web25 web26 web27 web28 web21 custom iterator Enter a password and grab the bag. This is what happens You will find a base64 encoding, and decoding will find it in the form of - admin:password So at this point, we're going to use a custom iterator The first paragUTF-8...
Posted by white99 on Sat, 14 Aug 2021 02:44:12 +0930
DVWA Level 5: File Upload (File Upload Vulnerability)
Catalog Introduction to file upload vulnerabilities: File upload vulnerability hazard: File Upload Vulnerability Principle: Low Medium High Impossible Introduction to file upload vulnerabilities: File upload vulnerabilities are a common form of vulnerability used in web security. It is an attacUTF-8...
Posted by RadiationHazard on Wed, 08 Dec 2021 04:29:14 +1030
Use of CobaltStrike - Chapter 9 - no killing
This chapter will introduce the use of CS payload kill free tool The purpose of conventional anti-virus software is to find a known virus and stop deleting it. As an attacker, we need to avoid killing the virus file, so that the anti-virus software thinks our file is a legal file anti-virus soUTF-8...
Posted by Zippyaus on Thu, 09 Dec 2021 06:09:13 +1030
Learn XXE vulnerability from a topic
loophole Hetian Wangan Laboratory [](javascript:void(0)) 2021-03-02 6,957 preface 0x01.xxe vulnerability The full name of xxE vulnerability is XML External Entity Injection, that is, XML External Entity Injection vulnerability. The xxE vulnerability occurs when the application parses XML input UTF-8...
Posted by twilitegxa on Thu, 09 Dec 2021 16:10:28 +1030
Pikachu platform exercise
1. Brute force cracking Overview of brute force "Brute force cracking" is a means of attack. In web attacks, this means is generally used to obtain the authentication information of the application system. The process is to use a large amount of authentication information to try to log in on tUTF-8...
Posted by tonyw on Sat, 11 Dec 2021 18:30:53 +1030
December learning of datawhale -- Application of algorithm: Percolation
1 topic 1.1 problem overview See details AlgorithmRunning - Percolation Background issues Percolation: penetration problem Given a composite system composed of randomly distributed insulating materials and metal materials: what proportion of materials need to be metal to make the composite sysUTF-8...
Posted by mbabli on Thu, 16 Dec 2021 22:55:42 +1030
Modify the window s local hosts file and the domain name pointing to
Hosts is a system file without extension, which can be opened with notepad and other tools. Its function is to establish an associated "database" between some common web address domain names and their corresponding IP addresses. When the user enters a web address to log in in in the browser, thUTF-8...
Posted by razvypp on Sat, 18 Dec 2021 03:50:44 +1030
Penetration test weight raising shooting range Billu box question brushing record
PS: Recently, the project is too busy to write articles. Take the previous notes. kali integrated penetration target – Billu_b0x target Target download address:https://download.vulnhub.com/billu/Billu_b0x.zip information gathering The tools available are as follows Netdiscover (host ip CollectiUTF-8...
Posted by RynMan on Tue, 21 Dec 2021 07:16:21 +1030