by frank | Jun 28, 2019 | CTF, Linux, Pwn, Windows
Two excellent web sites with a reference on how each exe can be used Windows : https://lolbas-project.github.io/ Unix : https://gtfobins.github.io/ On Unix, there is a script based on that that would help enumerate all possible way to elevate privileges. cd /tmp...
by frank | Jun 28, 2019 | CTF, Security, Windows
Reading Time: < 1 minuteNTFS allows additional attributes. ( https://en.wikipedia.org/wiki/NTFS#Alternate_data_streams_.28ADS.29 ) Under Linux : getfattr getfattr file.123 getfattr file.123 –only-values > output.bin Under Windows : dir /r streams myfile...
by frank | Jun 28, 2019 | Cloud, CTF, Security
Reading Time: < 1 minutedig website.cloudnslookup website.cloud sudo pip install awscli List content of a public AWS bucketaws s3 ls s3://website.cloud –no-sign-request –region us-west-2 List content of a user authenticated AWS bucketaws configure...
by frank | Jun 28, 2019 | CTF, Security
Reading Time: < 1 minuteFor PHP Loose comparison240610708 = 0e462097431906509019562988736854ximaz = 61529519452809720693702583126814 Other Magic hashes web site :...
by frank | Jun 28, 2019 | CTF, Security
Reading Time: < 1 minuteif == strcomp then replace with array=[]if String, replace with true All == should be replace with === to be sure to keep the type of...
by frank | Mar 1, 2019 | CTF, Linux
Reading Time: < 1 minutepython -c ‘import pty; pty.spawn(“/bin/bash”)’...
Recent Comments