ATT&CK Combat Series-Red Team Combat

The second round of the Red Sun Shooting Range, I am not very proficient in the intranet, so I used it to record the process. Shooting range download address: http://vulnstack.qiyuanxuetang.net/vuln/detail/3/ But the Baidu cloud link seems to be G, and a wave of online searches found my own Baidu network disk. Link: https://pan.baidu.com/s/16G9Tim03 ...

Posted by Flare Boards on Mon, 06 Feb 2023 12:41:17 +0300

Weblogic Series Vulnerability Recurrence

#Disclaimer: This is a personal note, which is only for learning. It is prohibited to use it for any illegal act. Any illegal act has nothing to do with me. Weblogic XMLDecoder Deserialization Vulnerability (CVE-2017-10271) Vulnerability Overview Vulnerability No.: CVE-2017-10271 Vulnerability impact: wls wsat XMLDecoder deserialization vu ...

Posted by chelsea7 on Sat, 17 Sep 2022 21:36:21 +0300

shiro security framework

Rights management: Rights management is required for systems involving user participation. Rights management belongs to the category of system security. Rights management is to realize the control of user access to the system. Users can be controlled according to security rules or security policies, and users can only access their own user ...

Posted by earthlingzed on Thu, 15 Sep 2022 21:52:31 +0300

Nuclei POC template writing notes

Basic introduction id The ID must not contain spaces. This is done to make output parsing easier. id: git-config information The next important information about the template is the information block. The information block provides name, author, severity, description, reference, and label. It also contains a severity field indicating the ...

Posted by matstuff on Wed, 31 Aug 2022 01:55:27 +0300

Debugging Tools: Application Verifier (How to use it and how it works)

What does Application Verifier do? Application Verifier is an official application verification tool from Microsoft. It is mainly used to help users detect and debug memory corruption, dangerous security vulnerabilities, Run-time detection, etc. It is an auxiliary development tool without modifying the source code; When reporting unrel ...

Posted by Idri on Wed, 25 May 2022 12:51:24 +0300

Actual combat of wireless routing attack

1, Preparation stage Attack host: Kali Linux Attack tools: aircrack-ng, airodump-ng, air ng, and aireplay-ng One network card You can check whether the network card is ready through the command: sudo iwconfig. My network card name is wlan0 root@kali:~# iwconfig lo no wireless extensions. eth0 no wireless extensions. wlan0 ...

Posted by pradee on Sun, 22 May 2022 11:24:31 +0300

Two ways of heap overflow (topic)

babyheap_0ctf_2017 The first step is to change libc     Routine checksec   Enter code audit   If you find that the symbol table is closed, you need to guess the function with the function.   Then rename the main function. Allocate function:     Nothing special Fill function   It is obvious that there i ...

Posted by jonex on Fri, 20 May 2022 05:29:05 +0300

Upgrade CentOS 7 to openssh 8.0 7.p1

Background summary OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers of the OpenBSD program group. The tool is an open source implementation of SSH protocol, supports encryption of all transmissions, and can effectively prevent eavesdropping, connection hijacking and other network level attacks. ...

Posted by tbeinc on Fri, 20 May 2022 04:59:54 +0300

CTF Reverse-[Anxun Cup 2019]game-Use deflat to de-obfuscate conventional logic judgments

CTF Reverse-[Anxun Cup 2019]game-Use deflat to make conventional logical judgments after the main confusion is de-obfuscated Source: https://buuoj.cn/ Content: none Attachment: https://pan.baidu.com/s/1qq_64SNIRnnTTCNqNIKOiw?pwd=1iz9 Extraction code: 1iz9 Answer: KDEEIFGKIJ@AFGEJAEF@FDKADFGIJFA@FDE@JG@J general idea Determine the funct ...

Posted by Ludichrist on Wed, 18 May 2022 00:20:16 +0300

2020 ddctf web check-in problem solution

Solution of Web check-in problem in DDCTF in 2020. (web 🐶 Only work out this problem. I have something to do the next day) web check in question Step 1: JWT bypass Figure 1: accident conditions given by the title. Send a request to the api and get the following response. The data format of data is similar to jwt, which is guessed to be ...

Posted by ego0 on Tue, 17 May 2022 16:51:44 +0300