Español
Sometimes trying to access or exploit a service from a host that we already have access to, we find that this service is only accessible internally or it is protected by a firewall. So what if we want for example to be able to use tools from our box, then we can use the technique of port forwarding. In this post I will show different methods that can be used in Windows and Linux environments.
If you know more methods or want to make some correction do not hesitate to comment.
Continue reading
Power belongs to the people who take it
Category: Cheat-sheets
Once shell is achieved in a target it is important the transfer of files between the victim machine and the attacker since many times we will need to upload files as automatic tools or exploits or download victim’s files to analyze them, reversing, etc.
In this post we will see a Cheatsheet of some of the ways to make these transfers.
If you know any more, do not hesitate to comment.
Continue reading
The most normal after getting RCE through a Web application, a MSQL with xp_cmdshell or another method is to try to get a shell.
In this post we will see a list of commands to get shell in Windows with its proof of concept and the reaction that causes this execution in Windows Defender. Continue reading
Cross-site scripting (XSS) is a vulnerability that allows an attacker to inject code (usually HTML or JavaScript) into a web. When a victim sees an infected page, the injected code runs in his browser.
Today we bring a Cheat Sheet about this vulnerability that is not the best known by the common user but is one of the most appearing on the webs.
Continue reading
Redes Sociales
© 2024 ironHackers
Theme by Anders Noren — Up ↑