Original: Linux - mysql sql injection
mysql runs the syntax from left to right. select user from user where user='ro' 'ot'=0; When user is root, it shou
Original: Python - rq / mrq / Celery
rq Simple job queues for Python http://python-rq.org Please read the results from redis server. mrq Mr. Queue - A
Original: Linux - rpcclient
Demo root@kali:~/reports# rpcclient -U "" 10.11.1.227 Enter 's password: rpcclient $> help --------------- ---
Original: vuln - SugarCRM 6.5.23 - REST PHP Object Injection Exploit
Deploy a vuln lab Please install docker yourself. #!/bin/bash docker build -t sugarcrm:CVE-2016-7124 -f Dockerfile
Original: PowerShell - PowerShell’s Security Guiding Principles
PS C:\Users\test\Desktop\PowerSploit-master\Exfiltration> Set-ExecutionPolicy Default Execution Policy Change The
Original: Pentest - mysql udf privilege escalation
How to compile UDF DLL #include <stdio.h> #include <stdlib.h> enum Item_result {STRING_RESULT, REAL_RESULT, INT_RE
Original: Metasploit - ERROR: cannot discover where libxml2 is located on your system
metasploit-framework [rapid7-master] ->> rvm list rvm rubies =* ruby-2.3.3 [ x86_64 ] # => - current # =* - curren
Original: exploit - CVE-2017-5638 - Apache Struts2 S2-045
Metasploit-Framework Exp Code #!/usr/bin/python # -*- coding: utf-8 -*- import urllib2 import httplib def exploit(
Original: Exploit - RFID
RFID Hacking Prepare Install Proxmark3 Check Proxmark3 / card status Crack Keys PRNG Attack NESTED Attack Dump data &
Original: Compile zmap in Mac OSX
The quickest way to install zmap in Mac OSX is: $ brew install zmap But it may sometimes fail, e.g.: $ time zmap -o
Original: Burpsuite - Extension: SQLipy
References https://github.com/codewatchorg/sqlipy/blob/master/SQLiPy.py https://www.codewatch.org/blog/?p=402 http
Original: Linux - openvpn setup automatically
How to set up a vpn service? If you want to set up a vpn service, please try the following bash script. root@sh:/tmp/op
Original: Python - decode ip header
#!/usr/bin/python # -*- coding: utf-8 -*- from ctypes import * import socket import struct class IP(Structure):
Original: Burpsuite - Extension: Get All Proxied Hosts
How to get all proxied hosts from burpsuite sitemap? from burp import IBurpExtender from burp import IContextMenuFacto
Original: Android - Application Reversing
How to pwn cocon.apk? This is a CTF Android apk called cocon.apk, and we need to decrypt the hash value (ctf flag). Please pre