[HTB] Beep(LFI,RCE,sudo privilege: nmap)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Added by dannau on Thu, 09 Dec 2021 13:31:31 +0200
[HTB] Horizontal (vhost blasting, chisel tunnel)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Added by mattsoftnet on Wed, 08 Dec 2021 08:20:59 +0200
Red team penetration notes: the front-end language basis of red team
Understanding the front-end language can help us better understand and tap the front-end vulnerabilities. In the process of social work, we can also use the front-end technology to build puddle attacks or fishing attacks.
The design idea of front-end page usually divides the page into three levels: structure layer (HTML), presentation laye ...
Added by mndwn on Thu, 02 Dec 2021 02:09:34 +0200
Linux privilege maintenance
One: Adaptation method
1: Backdoor account
###Add normal users:
# Create a normal user with a username guest and password 123456
useradd -p `openssl passwd -1 -salt 'salt' 123456` guest
# The useradd-p method ` ` is used to store executable system commands,'$()'can also store command execution statements
useradd -p "$(openssl passwd -1 12345 ...
Added by smarthouseguy on Mon, 22 Nov 2021 22:28:42 +0200
[Tryhackme] Retro (UAC authorization: privilege promotion of Windows Certificate dialog box)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Added by $var on Mon, 22 Nov 2021 21:59:34 +0200