Collaborate Disseminate
I’m reading https://drive.google.com/file/d/1aeNq_5wVwHRR1np1jIRQM1hocrgcZ6Qu/view?pli=1
On page 44 it mentions about a way to exploit IIS servers,
I tried to reproduce it but it didn’t work.
I created a Windows 2016 IIS server and add a… Continue reading Understanding the attack on IIS virtual hosting
So I am resolving room Wekor at tryhackme. The room says we need to use the domain "wekor.thm". So I added the domain to /etc/hosts
There is a hidden subdomain site.wekor.thm. I’ve already read the walkthrough.
When I tried to … Continue reading Gobuster doesn`t work properly
When doing black-box vulnerability assessment (with permission of course) of a subdomain of a website, the first step is enumeration; and the first step of that is finding IP of the subdomain.
If you find this IP, and then upon performing … Continue reading In case of multiple websites using a single IP, and we have been asked to perform vulnerability assessment to ensure its security, how many to target
I’m currently learning how to discover web applications running on a machine using port scanning, vhost bruteforcing and directory fuzzing. When it comes to port scanning, there is one thing I can’t wrap my head around.
Let’s say I have sc… Continue reading Web application discovery: Can there be virtual hosts configured even when there is a response without host header?
I am new to kali linux and to ethical hacking on general..
And i saw alot of people that have downloaded kali linux as dual bootable with windows 10
And some of them just used a vmware or virtual box to make the virtual environment for kal… Continue reading What is the difference between Dual bootable Kali linux and Virtual environment? [duplicate]
I recently created a virtualbox virtual machine of Ubuntu 18.04 and installed Anydesk remote desktop app in it. An IT guy accessed my computers desktop via Anydesk app, but he is actually inside the Ubuntu Virtual Machine on Virtualbox. I … Continue reading How one can find I am using virtual box Virtual Machine linux through Anydesk remote application?
Apache site down after getting AH02032 error, and automatically up if I restart apache or after some time(maybe 1-3 hours).
The Server setup is Xampp in Windows Server 2012
Many sites are hosted on the same server with virtual host setup,… Continue reading Apache site down after getting AH02032 error
This question is not about the trivial usage of the forward/reverse DNS.
Getting the IP of a hostname is trivial (DNS), and using reverse DNS, also we can get (typically) a single hostname of an IP.
However, particularly for massive http… Continue reading Does a searchable public database exist of (hostname; ip) mappings?
I have Web servers that run multiple virtual hosts, and I’d like to keep eavesdroppers from telling which virtual host a client is accessing. There’s already a TLS extension for solving this problem: encrypted SNI. I see that… Continue reading How can I set up Encrypted SNI on my own servers? [migrated]
I just installed Oracle Virtual Box 6 , created a headless VM and opened a cmd from my host machine… where i could see the virtual machines IP Address.
Does this happen to all. I heard it should be bridged to get ip addre… Continue reading Trying to get ipaddress of virtual machine