Red team penetration notes: the front-end language basis of red team

Understanding the front-end language can help us better understand and tap the front-end vulnerabilities. In the process of social work, we can also use the front-end technology to build puddle attacks or fishing attacks. The design idea of front-end page usually divides the page into three levels: structure layer (HTML), presentation laye ...

Added by mndwn on Thu, 02 Dec 2021 02:09:34 +0200

Linux privilege maintenance

One: Adaptation method 1: Backdoor account ###Add normal users: # Create a normal user with a username guest and password 123456 useradd -p `openssl passwd -1 -salt 'salt' 123456` guest # The useradd-p method ` ` is used to store executable system commands,'$()'can also store command execution statements useradd -p "$(openssl passwd -1 12345 ...

Added by smarthouseguy on Mon, 22 Nov 2021 22:28:42 +0200

[Tryhackme] Retro (UAC authorization: privilege promotion of Windows Certificate dialog box)

DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...

Added by $var on Mon, 22 Nov 2021 21:59:34 +0200