Frp intranet penetration
Frp intranet penetration In essence, intranet penetration is also a port mapping. Both of them map the intranet address to the accessible address of the public network. The difference is that the port mapping can be configured directly in the router, while the port mapping configured by intraneUTF-8...
Posted by Stasonis on Fri, 24 Sep 2021 20:42:11 +0530
2021 second Tianyi cup ctf
Misc Sign in Group announcement FLAG flag{e7gRR32wJJcHwQjwc2k9qFZ6fvn3gZ8P} Browser First get 1. Default browser (please provide the corresponding value in the registry that can prove that it is the default browser, such as IE.HTTP) Generally in the registry, patiently turn over ./volatility -UTF-8...
Posted by vaanil on Sat, 25 Sep 2021 15:57:00 +0530
Serialize the third part of "explanation of Chrome V8 principles", look at the V8 compilation process and learn lexical analysis
Original source: See the V8 compilation process and learn lexical analysis - Security guest, security information platform Content of this article This is the third part to explain the implementation of lexical analysis (scanner) in V8, which involves several important data structures and some UTF-8...
Posted by martinacevedo on Mon, 27 Sep 2021 04:21:46 +0530
sql error injection
Error reporting based on format error (xpath syntax error) extractvalue(): The function uses the format: extractvalue(xml_document,Xpath_string). It is used to return a string containing a string from the document. If the string parameter does not conform to the syntax of XPath, an error will bUTF-8...
Posted by cyronuts on Wed, 29 Sep 2021 23:58:57 +0530
Intranet penetration beginner foundation 02
Intranet information collection 01 Around three aspects: Who am I?--Judgment of current machine role where's this?--Analyze and judge the topology of the current network environment Where am i?--Judgment of the area where the current machine is located Collect native information Collect informUTF-8...
Posted by Ange52 on Fri, 01 Oct 2021 04:29:55 +0530
File upload blacklist & whitelist bypass
preface File upload common verification: Suffix: type, file header Suffix: blacklist, whitelist File type: MIME information File header: content information Mixing php and html code $_ FILES [form upload name] ['name'] PleUTF-8...
Posted by Dani34 on Mon, 04 Oct 2021 23:28:46 +0530
Learn LD from a problem_ PRELOAD & putenv()
[geek challenge 2019]RCE ME Topic analysis To bypass the regulUTF-8...
Posted by Gary King on Sat, 09 Oct 2021 10:13:55 +0530
CTFshow question brushing Diary - WEB-JAVA - (web279-290) struts 2 full vulnerability emerges
All questions are struts 2 framework vulnerabilities Struts 2 is a Web application framework based on MVC design pattern written in Java language About struts 2 vulnerabilities, vulhub has its own environment, and gives the vulnerability principle and poc GitHub project address: https://github.UTF-8...
Posted by geetakhurana on Wed, 13 Oct 2021 04:26:32 +0530
Information in SQL injection_ The role of schema
Information in SQL injection_ The role of schema This experiment explains through information_schema is a database to obtain information such as database name, table name and field name in the database. Introduction to experiment Experiment series: WEB Security Application Subjects: WEB SecuritUTF-8...
Posted by TEENFRONT on Sat, 23 Oct 2021 13:32:57 +0530
Detailed explanation of error injection
1, Detailed explanation of error injection Recently, I learned about SQL error injection. This article is about some personal understanding of error injection. If there are errors, I hope to point out them This article uses sqli labs database as an example 1. Ten MySQL error reporting injectionUTF-8...
Posted by billcoker on Sun, 24 Oct 2021 12:06:31 +0530