Collaborate Disseminate
My question is, how can i completely restrict Steam’s processes and modules to only have access to what they suppose to, and not be able to do anything malicious, for example running bin/sh or accessing files that it shouldn’t?
Basically, … Continue reading How to completely restrict Steam in Linux to defend against remote zero day exploits?
I am solving a tryhackme box:
I am successfully be able to transfer Winpeas to the Jenkins server. However, when I try to run them it dosen’t show any error and it just wont run:
-a— 10/25/2019 9:54 PM 64 secret.key … Continue reading winPeas not running on reverse powershell without any error [closed]
I stumbled upon this abomination in the code base of a project I’m working on and wondered if it constitutes a security issue.
$requestUri = explode(‘?’, $_SERVER[‘REQUEST_URI’]);
$requestUri = explode(‘/’, $requestUri[0]);
array_shift($r… Continue reading Unserialize URI with PHP and nginx to gain RCE
In working on a vulnerable box, I found a field in a database table where one can insert php code. Based on this exploit:
https://www.exploit-db.com/exploits/24044
I tried to use this code to make a php webshell:
?php $cmd=$_GET[‘cmd’];sy… Continue reading Attempting remote code execution, why does this php webshell code fail with single quotes?
I’m testing on application which runs on NodeJS, and discovered unrestriced file upload vulnerability, path traversal is not possible.
Uploaded file is visitable, I can upload .html to perform XSS attack, however I want something more. I’m… Continue reading NodeJS, unrestricted file upload, RCE [closed]
I’m doing testing on Ruby on Rails application, not familiar with it at all.
During my testing I have discovered unrestricted file upload (without possibiltiy to manipulate path).
I have tested uploading many extensions to gain Remote Code… Continue reading Ruby on Rails, unrestricted file upload, RCE
Microsoft released an emergency patch and stated that the vulnerability is being actively exploited in the wild. All the news articles describing the RCE are implying that any internet-connected computer running Windows is at risk. This ca… Continue reading Who is at risk from the PrintNightmare RCE?
In the past few days, I have created my own webserver to serve as my sandbox for learning pen-testing. I saw this blog (https://outpost24.com/blog/from-local-file-inclusion-to-remote-code-execution-part-1) and wanted to attempt something s… Continue reading How does Local File Inclusion (LFI) work?
I’ve been playing around with the EternalBlue exploit recently. I’ve downloaded a Windows 10 iso file from 2016 and used it to set up a Windows 10 Pro VM as my sandbox. I also ran the nmap script and metasploit scanner module to ensure tha… Continue reading RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)
I know it is possible to get RCE with SQLi but I can’t write to web root, I can only write files to /tmp folder. I can upload shell.php in /tmp without problems, but I’m curious is there any other way to get this file executed?
Most of the… Continue reading SQL injection to RCE with load_file , into outfile etc