Hi, it looks like we have a Xmas version of the new Notes Magazine#03 ;) Short description you'll find below. Here we go...
This time we'll start here:
TL;DR - in the file you'll find few notes about:
In the first one I talked about our electric mini-lab.
In second part we’ll talk about using something when it’s already free. ;) Here – similar to the part 2
of the Notes Magazine – I tried to learn a little bit more about heap exploitation.
Third section is related to Jira – popular webapp in many companies. Here I tried to look around as a
„normal AD/Jira user” to see what can be found there to prepare other ‘stages of the attack’ during
internal pentest.
In next part – called: PR for your Company – I tried to take few notes about so called Relative Path
Injections (or PRSSI). We’ll try to prepare a scenario to exploit this bug.
5th section was prepared to help me think about important possibilities when I’m trying to pass the
exam called XDS one more time (trying harder anyone?) ;)
In the next section I used CentOS to automate internal scans (or ‘patch management’– you’ll name it
;)).
After checking one of the ways to do it – I decided to check another option. And that’s how we can
read about it in section called Bones of the Green Dragon.
In last section I prepared for Notes – Part 3 I tried to understand more about mainframe(s attacks).
That’s why we’ll check Her-Cool-S. ;)
I hope you'll enjoy it. In case of questions/comments - feel free to ping me here or via @twitter. ;]
Have fun.
Brak komentarzy:
Prześlij komentarz