CVE-2022-42475 / Heap overflow vulnerability analysis and exploitation vulnerability analysis

Table of Contents: Build operating environment; Set up debugging and vulnerability environment; Extract binary; Set up GDB debugging environment; File system verification for FortiOS; Bypass file system verification via patch; Planting a backdoor in the file system; Vulnerability reproduction & vulnerability analysis; Exploit; Related references. Build a running environment: You can download the FortiGate virtual […]

[Network Security — XSS Vulnerability Exploitation Practice] Do you know how to use XSS vulnerabilities for cookie acquisition, phishing and keyboard monitoring? —XSS practical chapter

1. XSS in practice. Take the Pikachu target range as an example. The tutorial for setting up the Pikachu target range is as follows (tools and resources are provided): [Network Security — Pikachu target range installation] Super detailed Pikachu target range installation tutorial (providing target range code and tools)_Network Security_Aini’s Blog – CSDN Blog [Network […]

[PWN] BUUCTF asis2016_b00ks Off-by-null exploit

Typical off-by-one exploitation. Modify the local environment to Ubuntu 16 with libc-2.23 through patchelf. checksec: IDA: Menu title: Vulnerability function: When reading input into the buffer, the boundary check is wrong; the terminating “\x00” is written to position size + 1. Exploitation idea: First, the author name will be […]

Penetration Testing Practice-Vulnerability Exploitation MS17-010

Advice on ethics The following content is excerpted from “Metasploit Penetration Testing Guide” As a penetration tester, we can defeat security defenses, but that’s just part of our job. When you conduct a penetration attack, please remember the following advice: Don’t make malicious attacks; Don’t do anything stupid; Do not attack any target without written […]

Principles of WEB vulnerabilities—[XML&XXE exploit detection bypass]

Article directory: 1. Overview; 1.1. XML concept; 1.2. The main differences between XML and HTML; 1.3. XML code example; 2. Target range demonstration; 2.1. Pikachu target range – XML data transmission test; How to play 1: Read files; How to play 2: Intranet probing or attacking intranet applications (trigger vulnerability address); How to play 3: RCE; Introducing an external entity DTD; No echo – […]

Windows Privileged Handle Exploitation Analysis

Background: In a previous Blue Army technical post, a technical article on the use of leaked handles was shared. That article implements a UAC bypass technique by looking for leaked handles in unprivileged processes and using the high-integrity handles among them. This article will analyze and explain its implementation principles and its application in endpoint confrontation and […]