Etiquetas | Tags

Listado de etiquetas relevantes por tema y aparición:

Abusing FTP + IIS Services

• Devel

Abusing GPP Passwords

• Active

Abusing GenericAll privilege (Resetting a user's password)

• Search

Abusing Oracle Database

• Silo

Abusing ReadGMSAPassword privilege

• Search

Abusing SeImpersonatePrivilege

• Jeeves
• Silo

Abusing Umbraco Admin Panel

• Remote

Abusing Windows Subsystem for Linux (WSL)

• SecNotes

Abusing memcache write item permission

• Smithers

Achat 0.150 beta7 - Buffer Overflow (Windows 7 32 bits)

• Chatterbox

Advanced Bash Scripting (EXTRA)

• Control

Alternate Data Streams (ADS)

• Jeeves

AppLocker Bypass

• Control

Binary Analysis (IDA)

• HTB Cyber Apocalypse CTF 2022

Bloodhound Enumeration

• Search

Breaking KeePass

• Jeeves

Command Injection

• Smithers

ConPtyShell (Fully Interactive Reverse Shell for Windows)

• Control

Cross-Site Request Forgery (CSRF) - Changing a user's password

• SecNotes

Decrypting GPP Passwords - gpp-decrypt

• Active

GTFOBins (zip)

• HTB Cyber Apocalypse CTF 2022

Gaining access to Windows PowerShell Web Access

• Search

Gaining access with wmiexec

• Search

Generating a Shellcode based on our needs + TIPS

• Chatterbox

IDOR

• HTB Cyber Apocalypse CTF 2022

IIS Exploitation (Uploading WebShell)

• SecNotes

Icacls Abuse (Privilege Escalation)

• Chatterbox

Information Leakage

• Remote

Information Leakage (Privilege Escalation)

• SecNotes

Information Leakage - Password in picture

• Search

Jenkins Exploitation (Groovy Script Console)

• Jeeves

Kerberoasting Attack (GetUserSPNs.py)

• Search

Kerberoasting Attack (GetUserSPNs.py) [Privilege Escalation]

• Active

Ldap Enumeration (ldapdomaindump)

• Search

Memdump

• Silo

Microsoft Windows (x86) – ‘afd.sys’ (MS11-046) [Privilege Escalation]

• Devel

Microsoft Windows Event Logs Analysis (evtx)+

• HTB Cyber Apocalypse CTF 2022

NFS Enumeration - Showmount

• Remote

NTUSER.dat Analysis

• HTB Cyber Apocalypse CTF 2022

Obtaining the TeamViewer password from the system registers (AES128 - CBC) [Privilege Escalation]

• Remote

Oracle DB Exploitation - Attempting a remote file read

• Silo

Oracle DB Exploitation - Attempting a remote file upload

• Silo

Oracle DB Exploitation - Attempting execution of a previously uploaded binary file

• Silo

Oracle DB Exploitation - Discovering valid credentials (passwordguesser)

• Silo

Oracle DB Exploitation - Identifying valid SIDs (sidguesser)

• Silo

Oracle Database Attacking Tool (ODAT) Installation

• Silo

PassTheHash (Psexec)

• Jeeves

Playing with ScriptBlocks and PSCredential to execute commands as another user

• Control

Playing with pfx certificates

• Search

PowerUp Enumeration (Alternative Privilege Escalation)

• Chatterbox

RCE (md-to-pdf)

• HTB Cyber Apocalypse CTF 2022

RPC Enumeration (rpcclient)

• Search

Reflected XSS

• SecNotes

SMB Enumeration

• Active

SMB Password Spray Attack (Crackmapexec)

• Search

SQL Injection

• SecNotes
• Gogo Yubari

SQL Injection [SQLI] - Error Based

• Control

SQLI to RCE (Into Outfile - PHP File Creation)

• Control

SSH Authentication Bypass (libssh)

• Flanders

Server Side Request Forgery (SSRF)

• Gogo Yubari

Service ImagePath Hijacking (Privilege Escalation)

• Control

Stored XSS

• HTB Cyber Apocalypse CTF 2022
• SecNotes

Umbraco CMS - Remote Code Execution by authenticated administrators

• Remote

Unprotecting password-protected Excel (Remove Protection)

• Search

User Enumeration (Wfuzz)

• SecNotes

Volatility

• Silo

Web Enumeration

• Remote

WinPEAS Enumeration

• Control

Writable /etc/passwd

• Alister