babyheap_0ctf_2017
The first step is to change libc
Routine checksec
Enter code audit
If you find that the symbol table is closed, you need to guess the function with the function.
Then rename the main function.
Allocate function:
Nothing special
Fill function
It is obvious that there i ...
Posted by jonex on Fri, 20 May 2022 05:29:05 +0300
Tools needed:
Kali (or not required)
hydra (Kali comes with it; you can install the Windows version or a build for another platform yourself)
Password dictionary (go to GitHub and search for the keyword "dictionary")
This tutorial is only for technical exchange. Please do not use it for other purposes. I am not responsible for any illegal and crim ...
Posted by donbonzo on Thu, 12 May 2022 19:44:06 +0300
information gathering
Information collection: domain-controller-related information.
Through ARP scanning, it is found that the IP address of the domain controller is 192.168.52.138. Try the smb_login module of msf to see whether it successfully logs into SMB:
search smb_login
use 0
set rhosts 192.168.52.138
set smbpass hongrisec@2022
...
Posted by jingcleovil on Thu, 12 May 2022 13:05:02 +0300
0x00 Preface
This paper introduces an interesting unhooking technique, which comes from a GitHub POC shared by a friend: https://github.com/trickster0/LdrLoadDll-Unhooking . This article interprets the method step by step with reference to that POC.
At present, most of the classic methods are direct system calls (syscall) or finding the ...
Posted by sidney on Fri, 06 May 2022 14:15:45 +0300
preface
When a hacker intrusion, system crash or other security event affects the normal operation of the business, it is urgent to deal with it immediately, so that the enterprise's network information system can resume normal operation in the shortest time, further find the source of the intrusion, restore the process of intrusion acc ...
Posted by feddie1984 on Fri, 06 May 2022 01:45:36 +0300
a little recap
We are trying to exploit a UAF, then use a pipe structure to convert the UAF into a read and write at any address. Finally, by searching for the cred structure and modifying it, we escalate privileges.
Learning from the big guys' exploits. The first is ha1vk's:
#define PIPE_BUFFER_SIZE 0x280
#define BUF_SIZE PIPE_BUFFER_SIZE
char ...
preface
For me, the uniqueness of Wushu lies in its simplicity. The simple method is also the right method. At the same time, Wushu is nothing special: the closer to the true meaning of Wushu, the less waste in the performance of moves.
brief introduction
The first chapter of Python stunts is the introductory syntax of Python. The two programs t ...
Posted by unerd.co.uk on Mon, 25 Apr 2022 00:33:44 +0300
*Solemnly declare: the system is an authorized test. The information provided in this article should not be used for illegal purposes. Any direct or indirect consequences and losses caused by the dissemination and use of the information provided in this article shall be borne by the user himself, and the author of this article will not bear any ...
Posted by johnnyblaze1980 on Fri, 22 Apr 2022 15:48:09 +0300
The day before yesterday, I wrote up the simple SQL injection process of mozhe and summarized the relevant code; attached is a summary diagram of MySQL injection:
First, when we get to the website, we use the ORDER BY statement to determine the number of fields, and then use a UNION query to find the echo point through the error display:
id=-1 u ...
Posted by az_wraith on Fri, 22 Apr 2022 11:17:39 +0300