Attacking JSON Web Token (JWT)
In this post we’ll see how a website that uses JWT incorrectly allows us to create users with arbitrary data. We will rely on a challenge from the CTF TJCTF, specifically the Moar Horse 4 challenge.
Continue reading
Power belongs to the people who take it
In this post we’ll see how a website that uses JWT incorrectly allows us to create users with arbitrary data. We will rely on a challenge from the CTF TJCTF, specifically the Moar Horse 4 challenge.
Continue reading
Once shell is achieved in a target it is important the transfer of files between the victim machine and the attacker since many times we will need to upload files as automatic tools or exploits or download victim’s files to analyze them, reversing, etc.
In this post we will see a Cheatsheet of some of the ways to make these transfers.
If you know any more, do not hesitate to comment.
Continue reading
© 2024 ironHackers
Theme by Anders Noren — Up ↑