En este post resolveremos la máquina creada por @takito1812 que fue propuesta en el UPSA CTF 2020.
Es una máquina Linux de nivel sencillo/medio que ha sido bastante entretenida.
Power belongs to the people who take it
En este post resolveremos la máquina creada por @takito1812 que fue propuesta en el UPSA CTF 2020.
Es una máquina Linux de nivel sencillo/medio que ha sido bastante entretenida.
A few days ago a vulnerability was discovered in WordPress 5.1 that has already been patched in version 5.1.1, in this post we will explain it and exploit it step by step.
The vulnerability starts in a CSRF so it requires user interaction and javascript enabled in the victim’s browser.
Any doubt or correction will be appreciated.
Continue reading
Hi, today I bring you the “proof of concept” of a vulnerability that was found a few days ago in WinRar. This vulnerability has been running for 19 years and has been patched in version 5.70 beta 1, so if you are a WinRar user it is very important that you update the software.
The most normal after getting RCE through a Web application, a MSQL with xp_cmdshell or another method is to try to get a shell.
In this post we will see a list of commands to get shell in Windows with its proof of concept and the reaction that causes this execution in Windows Defender. Continue reading
In this post we see how to get command execution in Windows 10 through a phishing with a malicious PDF with a embedded file with SettingContent-MS extension that will run automatically using JavaScript. We will create malicious PDF ant make a simple test without using Adobe Acrobat DC Continue reading
© 2024 ironHackers
Theme by Anders Noren — Up ↑