-
The community has rated it ‘Very Hard’.
Keypoints:
- For apache server, we can upload .htaccess file to define our file extention ` echo "AddType application/x-httpd-php .xxx" > .htaccess`
- Ge…
-
## Steps to reproduce
How'd you do it?
1. start metasploit
2. select the specific eternalblue module mentioned below against a specific target
3 . run the module and observe the error
T…
-
### Describe the bug
As the title says, service-worker will not load correctly if you specify a subdirectory in config.paths.base.
The sample confirms that it works correctly if config.paths.base …
-
### Payload Title
Ducky-Harvest
### Payload URL
https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/library/credentials/Duckie-Harvest/payload.txt
### Payload Setup
In …
-
It appears that RC4 encrypted shell payloads built with venom are incompatible with rc4 encrypted handlers in framework? Automated testing suggests this is something across both staged and stageless …
-
## Steps to reproduce
How'd you do it?
Set up the 'sploit handler:
1. use exploit/multi/handler
2. set PAYLOAD java/jsp_shell_reverse_tcp
2. set LHOST my.host
3. set ExitOnSession false
4…
-
## Steps to reproduce
1. Launched mfsconsole on my kali linux virtual machine
2. use auxiliary/scanner/http/wordpress_login_enum
3. set rhost, wordlists and target uri
4. It recognized the w…
-
Keypoints:
- Made a bad ODT file to to leak NetNTLM Creds (https://github.com/rmdavy/badodf/blob/master/badodt.py) and impacket-smbserver can receive NetHTLM hash info --> Use `hashcat -m 5600` or j…
-
Back in 2018, Google added some restrictions to their browser to prevent a security issue with DevTools where a malicious webpage may be able to control the browser. This issue was documented over at …
-
| --- | --- |
| Bugzilla Link | [233231](https://bugs.eclipse.org/bugs/show_bug.cgi?id=233231) |
| Status | REOPENED |
| Importance | P3 normal |
| Reported | May 21, 2008 10:17 EDT |
| Modified …