版本<!-- https://mvnrepository.com/artifact/org.beanshell/bsh (beanshell1)--> <depe…
从国赛到西湖论剑:fenjing进阶通杀jinjia2_SSTI前言最近俩月比赛遇到了三个jinjia2_SSTI题目,发现其虽然有过滤,但是fenjing都可以对其过滤进行降维打…
在 Web 安全领域,看似平常的认证机制,背后却隐藏着错综复杂的风险与挑战,知己知彼,则百战不殆,只有了解其原理及攻击手法,才能提前预知风险。本文将重点剖析 Web 中的几种认证机…
payload// // Source code recreated from a .class file by IntelliJ IDEA // (powered by Fern…
前言目前,很多的系统在登录的时候都支持通过第三方账号登录,如通过微信,qq,微博扫描登录。这种一般都是通过OAuth2.0搭建完成的。有一个问题需要思考:通过第三方应用登录的过程是…
![[Meachines] [Easy] SteamCloud Kubernetes-RCE+Kubernetes节点权限提升缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2025/01/88b395b4fcff902678a4b337c00669-400x280-c.jpg "[Meachines] [Easy] SteamCloud Kubernetes-RCE+Kubernetes节点权限提升缩略图")
Information GatheringIP AddressOpening Ports10.10.11.133TCP:22, 2379, 2380, 8443, 10249, 1…
![[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2025/01/36b553e3c27e0201221954d79345d2-400x280-c.jpg "[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升缩略图")
Information GatheringIP AddressOpening Ports10.10.10.68TCP:80$ sudo masscan -p1-65535,U:1-…
![[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2025/01/5d537b7d9ab3e8a865d8dc9de87ffa-400x280-c.jpg "[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限…缩略图")
Information GatheringIP AddressOpening Ports10.10.10.29TCP:22,53,80$ sudo masscan -p1-6553…
"值得分享的是,我不使用自动化工具来查找这些问题。事实上,我用于一般测试的唯一自动化工具是 SQLmap for SQLi。" ————bombon什么是Web缓存漏洞Web缓存漏…
![[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2025/01/3eb1a6b3fd8f5121d8b4147ad61547-400x280-c.jpg "[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提…缩略图")
Information GatheringIP AddressOpening Ports10.10.10.215TCP:22,80,33060$ sudo masscan -p1-…
