niedziela, 11 września 2016

sobota, 10 września 2016

Local resource enumeration via XSS

Probably you all already know how to "Hack Intranet Websites from the Outside" (if not, google for Jeremiah Grossman and RSnake - you can start here - and read about some attacks from 2006 and 2007). ;) There you will find similar usage of JavaScript as you can find below:

DVL Warmup poc

Yesterday I was playing with an old ISO called Dam Vulnerable Linux. If you're learning some binary exploitation, a nice 'warmup exercise' can be found here:

poniedziałek, 5 września 2016

Bitbot CTF

In the middle of the other activities and projects, I decide to sit down for a while and check another CTF. This time I decided to try Bitbot. Found again on VulnHub – thank you guys. Also big thanks for the author (bwall) for preparing this game! So… Let’s get to work.