Hello, welcome to my personal blog. 😊
Today, I want to show you another useful tool for doing forensics, especially in audio forensics. It's about Audacity. Let's begin!
Hello, welcome to my personal blog. 😊
Today, I want to show you another useful tool for doing forensics, especially in audio forensics. It's about Audacity. Let's begin!
Hello, today I come back with VulnHub - which provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks .
I choose a random lab, named Loly. Let's get through it!
Hello buddy! Today I will introduce some new stuffs.
I'm in self-training for CTF competition. And according to the need of my team, I decide to explore Forensics area. I hope this decision will make it work and I can absorb more and more knowledge for pentesting.
So, I will kick off with picoCTF, this place is better for every beginner . Let's start!
like1000: 250pts
This competition is familiar to me. But this year, all the web challenges seem "guessy". Let's talk about this.
Hello guys !
With all my effort to learning about pentesting , I decide to learn Python in "pentester's way"
This is a powerful script language which can make everything easier and faster .
Today, I will introduce about Socket and furthermore , create a TCP socket client and server , by Python .
Firstly , what is socket ?
Hello sunny day ! Because of CTF competition training , I 'll continue practicing with VulnHub
As the entry's tittle , let's do this !
+GATHERING INFORMATION : After scanning the provided system (both manual and automatic ) , I figure out some stuff :
- OS : Linux 2.6.X
- Web Server ; Apache httpd 2.2.6 ((Fedora))
- DBMS : MySql 4.1.2
- PHP 5.2.4
+VULNERABILITIES :
- LFI
Hello everyone . Today , I will comeback to RootMe . This challenge is about PHP non-alphanumeric . It's at medium level with 40 points! Let’s dive into it ! 👆
Here is the source code provided by author
Hello guys, today I will show you some interesting stuffs . 👨
I am training for CTF competition which will be held by my school . And I decided to play with VulnHub.
Let's get started !
- GATHERING INFORMATION :
+Nmap
A loose comparison is one performed using two equals signs (==
).It follows suit with the “best-guess” approach, which can lead to some unexpected results.
TAKE A LOOK INTO THIS TABLE$row=@mysql_fetch_array(mysql_query("select * from admin_password where password='".md5($ps,true)."'"));OFCORSE WE DONT HAVE IDEA ABOUT PASSWORD , SO WE MUST FIND A WAY TO BYPASS THIS QUERY BY SQL INJECTION !