Mohamed Hegazih0kaz.hashnode.dev·Apr 18, 2024TryHackMe: XSS RoomRoom URL: TryHackMe | XSS Explore in-depth the different types of XSS and their root causes. Task 1: Introduction Cross-site scripting (XSS) remains one of the common vulnerabilities that threaten web applications to this day. XSS attacks rely on inj...Discuss·45 readstryhackme
h0neyp0tbeesploit.hashnode.dev·Mar 5, 2024[TryHackMe] Searchlight - IMINTHello leet h4xxors, today I'm writing the first write-up of the serie. 😁 Task 1 : Welcome to the Searchlight IMINT room "In this room we will be exploring the discipline of IMINT/GEOINT, which is short for Image intelligence and geospatial intellige...Discuss·26 readsCTF Writeup#cybersecurity
Nainsi Singhalnainsees.hashnode.dev·Feb 22, 2024Exploring Ourselves and Others: Understanding Human NatureDealing with emotions is a part of our day to day life. Human nature basically identifies with who we are in this world or tells about our personality. Nature varies person to person, we cannot say that all human have same nature or understandings of...Discuss·2 likespsyc
kev1nforKCSC's thingskcsc.edu.vn·Jan 30, 2024TetCTF 2024 Write UpWeb Hello from API GW (100) credit: endy Bài này là một bài về cloud, lần đầu mình tiếp xúc với dạng này nên còn gà và chưa thể tự mình solved được Khi truy cập web challenge cung cấp, ta được như sau Dựa vào response thì ta biết được User Input ha...Discuss·1.8K readsWrite Up
Mauro CarrilloforAgrawain - Write Upsagrawain-writeups.hashnode.dev·Jan 30, 2024Write up | Blocky - Maquina RetiradaPara comenzar iniciamos validando que tenemos conexión a la maquina esto lo podemos hacer con: ping -c 1 {ip} una ves corroboramos que tenemos conexión, procedemos a realizar un escaneo con nmap. Una vez finalizado el escaneo podemos evidenciar que ...Discuss·1 like·28 readsHTB Machines
Thomas Staceythomas.stacey.se·Dec 11, 2023Making Web Cache Deception Critical in 30 MinutesWeb Cache Deception, first discovered (I think...) here, is a rare attack class that enables an attacker to trick users into storing sensitive information in a server-side cache for later retrieval. Unfortunately, throughout all my adventures so far,...Discuss·181 readsWeb Cache Deception
d0razid0razi.hashnode.dev·Nov 19, 2023[pwnable.tw] start Write upgef> disas main No symbol table is loaded. Use the "file" command. gef> info func All defined functions: Non-debugging symbols: 0x08048060 _start 0x0804809d _exit 0x080490a3 __bss_start 0x080490a3 _edata 0x080490a4 _end 처음에 아무 생각 없이 disas ma...DiscussWrite Up
d0razid0razi.hashnode.dev·Nov 19, 2023[Dreamhack] Tcache Poisoning Write up// Name: tcache_poison.c // Compile: gcc -o tcache_poison tcache_poison.c -no-pie -Wl,-z,relro,-z,now #include <stdio.h> #include <stdlib.h> #include <unistd.h> int main() { void *chunk = NULL; unsigned int size; int idx; setvbuf(s...DiscussDreamhack
Mohammed Hussainmhdhussain.hashnode.dev·Sep 30, 2023Nibbles | Hack the boxExecutive Summary The administrator password was easily guessable which allows any user to gain access to the administration dashboard. Having that access the attacker can leverage the fact that the blog is running a version that is out of date. Any ...DiscussWriteups pentesting
Grace McNerneymissclaptrap.hashnode.dev·Sep 16, 2023Writeup - OverTheWire Bandit5This level is kind of an expansion on the previous one, where we began learning how to utilize different commands to filter search results. In this exercise, the password for the next level is found in a file that is 1) human-readable, 2) 1033 bytes ...DiscussLinux