'HACKING > System hacking' 카테고리의 다른 글

glibc _IO_FILE table check bypass  (0) 2021.01.09
javascript engine fuzzing and exploitation reading list  (0) 2020.09.07
Node.js reverse Shell  (0) 2019.09.21
python pty module with reverse shell  (0) 2019.09.21
bash trick(꿀 tip)  (0) 2019.08.21

'HACKING > System hacking' 카테고리의 다른 글

glibc _IO_FILE table check bypass  (0) 2021.01.09
Android Kernel Exploitation  (0) 2021.01.04
Node.js reverse Shell  (0) 2019.09.21
python pty module with reverse shell  (0) 2019.09.21
bash trick(꿀 tip)  (0) 2019.08.21

linux include 파일 찾기

$ grep -r "struct iphdr" /usr/include

ref.https://chp747.tistory.com/358?category=716904

'OS > linux' 카테고리의 다른 글

/proc/self/cwd  (0) 2019.05.09
프로세스에서 사용중인 파일 디스크립터 찾기  (0) 2018.07.20
리눅스 넘버링?  (0) 2018.03.27
리눅스 세션 연결 시 history 자동 삭제하기  (0) 2018.03.20
vim 화면 스크롤  (0) 2018.02.15

Information Security Cheat Sheet


This is a recollection of links and resources I have found / been told about over the years. I developed this post in the hope to map out good resources in the indurstry, facilitating the spread of knowledge, no matter the skill level.

If any errors are spotted, or any links need adding / updating / removing. Please contact me via Twitter @SecGus (https://twitter.com/SecGus).

Personal Contributions


CTF Pages


The King Of CTF Pages-https://ctftime.org/
247CTF -https://247ctf.com
HackTheBox -https://hackthebox.eu/
RootMe -https://root-me.org/
0x0539 -https://0x0539.net/
Laptop Hacking Coffee -https://ctf.laptophackingcoffee.org/
pwnable tw -http://pwnable.tw/(Only BinExp)
pwnable kr -http://pwnable.kr/(Only BinExp)
PicoCTF -https://picoctf.com/(Beginner friendly)
reversing kr -http://reversing.kr/
The Stereotyped Challenges -https://chall.stypr.com/
SDSLabs CTF -https://backdoor.sdslabs.co/

Payload Cheat Sheets


PayloadsAllTheThings -https://github.com/swisskyrepo/PayloadsAllTheThings
BurpSuite XSS Cheat Sheet -https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

OSCP Preparation


Sam’s Review / Guide -https://coffeejunkie.me/OSCP-Exam-Overview/
R4J Buffer Overflow -https://github.com/r4j0x00/oscp-like-stack-buffer-overflow
Computerphile BoF Explanation -https://www.youtube.com/watch?v=1S0aBV-Waeo
g0tm1lk Linux Priv Esc Cheat Sheet -https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Windows Priv Esc -https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Windows Priv Esc (built around OSCP) -https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_windows.html

SAST Practice Pages


Secure Code Warrior -https://securecodewarrior.com/
ExploitDB (May require imagination) -https://www.exploit-db.com/

All Around Practical Learning (non-competitive)


OWASP Juice Shop -https://owasp.org/www-project-juice-shop/
Pentester Labs -https://pentesterlab.com/
OverTheWire -https://overthewire.org/(Beginner friendly)
Pentester Academy -https://www.pentesteracademy.com/
PortSwigger Labs -https://portswigger.net/web-security
OverTheWire -http://www.overthewire.org/
CTFLearn -http://ctflearn.com/
VulnHub -http://vulnhub.com/
Hacker101 -https://www.hacker101.com/
OSINTme -https://osintme.com/

All Around Theory Learning (non-competitive)


OWASP -https://owasp.org/
BurpSuite Research -https://portswigger.net/research
HumbleBundle Cyber Security Books -https://www.humblebundle.com/books/cybersecurity-2020-wiley-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_4
Free SANS courses for the fundamentals -https://www.cyberaces.org/courses.html

Relevant Blogs / Podcasts


Security Weekly -https://securityweekly.com/category-shows/application-security-weekly/
Darknet Diaries -https://darknetdiaries.com/
TheManyHatsClub -https://themanyhats.club/
0x00Sec (Community Blog) -https://0x00sec.org/
Secret Club -https://secret.club/
g0tm1lk -https://blog.g0tmi1k.com/
Cybering -https://cybering.cc/

Twitch Hacking Channels (English)


TheBlindHacker -https://www.twitch.tv/theblindhacker
GeoHotz -https://www.twitch.tv/georgehotz
LiveOverflow -https://www.twitch.tv/LiveOverflow

Twitch Hacking Channels (Spanish)


S4vitar -https://www.twitch.tv/s4vitaar

Youtube Channels Pentesting (English)


HackerSploit -https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
IppSec -https://youtube.com/ippsec
TheCyberMentor -https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw
LiveOverflow -https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
Computerphile -https://www.youtube.com/user/Computerphile

Youtube Channels Pentesting (Spanish)


Victor Garcia -https://www.youtube.com/channel/UCjNHFaBm_0-Mo749MB3A9cQ
S4vitar -https://www.youtube.com/channel/UCNHWpNqiM8yOQcHXtsluD7Q
Julio Ureña -https://www.youtube.com/channel/UC2o1vzpUIvgf0VMJIMKZ_rQ

Relevant Discord Servers and Communities


TheManyHatsClub -https://discord.gg/infosec
ThugCrowd -https://thugcrowd.com/
LaptopHackingCoffee -https://laptophackingcoffee.org/doku.php?id=start
HackTheBox -https://discord.gg/hRXnCFA
0x00Sec -https://discord.gg/PHM9Wak(https://0x00sec.org)
John Hammond Discord -https://discord.gg/Kgtnfw4
ReSwitched -https://discordapp.com/invite/ZdqEhed
ur-hackr -https://ur-hackr.com/

Companies Offering Certificate


ELearnSecurity -https://elearnsecurity.com/
Pentester Academy -https://www.pentesteracademy.com/
Offensive Security -https://www.offensive-security.com/
HackTheBox -https://hackthebox.eu/

Other Relevant Links


The Cybrary -https://www.cybrary.it/
CyberFirst -https://www.ncsc.gov.uk/cyberfirst/
Mind Map Everything -https://www.amanhardikar.com/mindmaps.html
Events around London -https://medium.com/@securestep9/cybersecurity-infosec-appsec-meetups-events-in-london-3688c4a42ea6
Razvi’s List of Hacking Sites -https://razvioverflow.github.io/starthacking
Peerlyst -https://www.peerlyst.com/
CTFs for beginners -https://twitter.com/JenF3rr_/status/1208577793359003648
HackerOne Bugbounty page -https://hackerone.com/
Using Twitter for InfoSec -https://dev.to/vickilanger/that-s-it-that-s-the-tweet-send-3e0h
CVE feed from the mitre -https://cve.mitre.org/

#ref.https://hackmd.io/@Chivato/SkKfAjuV8

'HACKING > Web hacking' 카테고리의 다른 글

sqli information_schema tip  (0) 2019.07.14
mysql group_concat  (0) 2018.04.04
SQL injection msql.innodb_table_stats  (0) 2018.02.24
sql injection 참고  (0) 2018.02.10
LFI Exploit with PHP Protocols / Wrappers  (0) 2017.11.30

Description

Sudo 1.8.28 이하 버전에서 발생하는 취약점으로, sudo가 임의의 사용자 ID로 명령을 실행하는 방식에서 결함이 발생함.

payload

$ sudo -u#-1 id

요즘 비오비에서 진행하는 프로젝트 때문에 Node.js를 보고있다.

그리고 취약점 진단을 위한 Node.js 리버스쉘코드가 필요한데 이참에 정리해둔다.

 

 

 

또한 아래는 리버스쉘 관련 팁들인데 시간나면 번역해서 정리해둬야겠다.

https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/

리버스쉘로 쉘을 얻었을 때 /bin/sh 같은 경우 쉘 달러가 안보인다. 

그래서 이를 python의 pty 모듈을 이용해 bash 쉘을 띄워주는 역할을 할 수 있다.

 

inline으로 python의 pty 모듈을 import해서 spawn함수를 통해 /bin/bash를 실행시키면 아래와 같이 bash 쉘이 떨어진다.

 

 

'HACKING > System hacking' 카테고리의 다른 글

javascript engine fuzzing and exploitation reading list  (0) 2020.09.07
Node.js reverse Shell  (0) 2019.09.21
bash trick(꿀 tip)  (0) 2019.08.21
tips for find binsh address using pwntool  (0) 2019.07.05
unsafe unlink  (0) 2019.06.06

+ Recent posts