- 博客(15)
- 收藏
- 关注
RSS订阅原创 [转]linkedin_crawl
[url]https://blog.netspi.com/collecting-contacts-linkedin-using-linkedin_crawl/[/url]
2015-06-30 00:24:09
81
原创 windows提权集合
[url]https://blog.netspi.com/5-ways-to-find-systems-running-domain-admin-processes/[/url][url]http://www.solutionary.com/resource-center/blog/2014/06/internal-network-enumeration-and-privilege-escal...
2015-06-30 00:23:06
137
原创 [转]Access to every PC and become local Admin
原文地址:[url]http://www.gosecure.it/blog/art/500/sec/sethc-access-to-every-pc-and-become-local-admin/[/url]This article talk about to connetting to a pc when you don’t have password and:– you have ...
2015-06-29 21:50:11
160
原创 [转]Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network
原文地址:[url]https://www.trustwave.com/Resources/SpiderLabs-Blog/Top-Five-Ways-SpiderLabs-Got-Domain-Admin-on-Your-Internal-Network/[/url][b]1. Netbios and LLMNR Name Poisoning[/b]One of the firs...
2015-06-29 21:46:15
622
原创 [转]如何获得window管理员权限
[quote]A tutorial on how to get into an admin account on ANY computer.[/quote][url]http://imgur.com/gallery/H8obU[/url]
2015-06-29 21:21:56
119
原创 linux free inode
http://stackoverflow.com/questions/653096/howto-free-inode-usage
2015-06-25 21:08:59
79
原创 mongodb
When did stress test, got an error as:[quote]Moped::Errors::OperationFailure (The operation: #1, :w=>1} @fields=nil>[color=blue]failed with error 13636: "file /var/lib/mongodb/sf_core_developme...
2015-06-19 14:21:39
296
原创 unpack deb file
unpack the files to fixed location[quote]sudo dpkg --unpack apache2_2.4.7-1ubuntu4.4_amd64.deb[/quote]extract deb file to user-specified location:[quote]dpkg-deb -x apache2_2.4.7-1ubuntu4.4_am...
2015-06-18 11:24:10
257
原创 [转]可绕过WAF的Burp Suite插件 – BypassWAF
工具地址:https://github.com/codewatchorg/bypasswaf工具原理:https://www.codewatch.org/blog/?p=408[quote]Users can modify the X-Originating-IP, X-Forwarded-For, X-Remote-IP, X-Remote-Addr headers sent i...
2015-06-15 21:52:49
1051
原创 [转]rake db命令
[url]http://www.douban.com/note/92737624/[/url]db:create 用config\database.yml中的定义创建当前 RAILS_ENV 项目环境下的数据库 db:create:all 用config\database.yml中的定义创建所有数据库 db:drop 删除当前 RAILS_ENV项目环境中的数据库 db...
2015-06-10 01:16:42
151
原创 arachni-web-ui使用
最近在玩儿arachni,想试试arachni-ui-web,于是就从github上download了arachni-ui-web代码。发现是使用RoR,正好白天工作目前使用RoR :D ,目前也在学习RoR。大概看了一下arachni-ui-web官方文档,但是没找到具体的使用方法。但是是使用RoR框架的,所以应该和白天工作的架构类似吧。1. 配置文件根据官方文档,arach...
2015-06-10 01:04:43
706
原创 linux dd命令
dd if=/dev/hda of=disk.mbr count=1 bs=512It copies 1 chunk of 512 bytes which is the amount of info that the MBR of the disk takes.and for restoring the MBR:dd if=disk.mbr of=/dev/hdaIt ...
2015-06-06 14:29:07
154
原创 backbox upgrade
apt-get upgrade升级使用ruby语言写的metasploit时,由于我们伟大的防火墙,升级失败。已经可以看到apt把下载下来的package解压到/opt/metasploit-framework文件夹下了。这时,可以:1. vim Gemfile把里面的https://换成http://2. 在metasploit-framework文件夹中运行bundle ins...
2015-06-06 14:23:26
157
原创 HACKING NODEJS AND MONGODB
[url]http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html[/url][url]http://blog.websecurify.com/2014/08/attacks-nodejs-and-mongodb-part-to.html[/url]
2015-06-04 23:52:04
93
原创 Window提权基本步骤
原文地址:[url]http://www.fuzzysecurity.com/tutorials/16.html[/url]1. 信息收集[quote]systeminfo | findstr /B /C:"OS Name" /C:"OS Version"hostnameecho %username%net usersnet user usernameipcon...
2015-06-03 22:00:21
173
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人