unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Spip Preauth RCE 2024: Part 2, A Big Upload
Hello dear reader,This article is the continuation of my Spip research, with a twist!One S...
2024-9-4 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
bigup
php
spip
formulaire
fichiers
Spip Preauth RCE 2024: Part 1, The Feather
Hi dear Sir, Madam. Please be informed that this is the third article dedicated to Spip 0-day...
2024-8-16 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
php
spip
modeles
typo
texte
Maarch Courrier 21.03, 2nd order cmd injecton to RCE
IntroductionThis training session was focused on white-box code review and runtime intros...
2023-7-16 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
isavailable
onlyoffice
php
withjson
withstatus
Kong & Konga Exploitation & Hardening
What is kong & why we’re relying on itIf you’re an occasional reader of the manomano-tech M...
2023-5-10 08:0:0 | 阅读: 6 |
收藏
|
Think Love Share - thinkloveshare.com
kong
konga
lua
github
security
Php-Internalog, Introspection Applied to 0day Research
This article is the transcript of a talk (FR) @Groumpf_ and I gave for the RumpARennes and Gr...
2022-11-18 08:0:0 | 阅读: 0 |
收藏
|
Think Love Share - thinkloveshare.com
php
groumpf
python
Pre-Auth Remote Code Execution - Web Page Test
As I joined ManoMano early in April 2022 (and due to the coordinated vulnerability disclosure...
2022-9-23 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
php
testinfo
ssrf
jpeginfo
wpt
RCE on Spip and Root-Me, v2!
Hello there,This is the second article dedicated to Spip 0-day research, if you haven’t read...
2022-8-16 08:0:0 | 阅读: 5 |
收藏
|
Think Love Share - thinkloveshare.com
php
spip
payload
ical
mediabox
1001 ways to PWN prod - A tale of 60 RCE in 60 minutes
This article is the transcript of a talk (FR) I gave for the HitchHack in May 2022, kudos for...
2022-7-14 08:0:0 | 阅读: 0 |
收藏
|
Think Love Share - thinkloveshare.com
php
ssrf
payload
injection
ssh
pty4all - The shells you deserve
This article is the transcript of a talk (FR) I gave at the opening of the CTF platform TheBl...
2022-1-29 08:0:0 | 阅读: 3 |
收藏
|
Think Love Share - thinkloveshare.com
socat
tcp4
butzel
remote
attacker
Failed02 Pulse Secure VPN and Guacamole WebSocket Hooking
Second article of the Failed series!We often read articles or research that explain how to...
2021-12-18 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
realm
guacamole
puppeteer
RCE with SSRF and File Write as an exploit chain on Apache Guacamole
While doing research on various topics, I stood upon Guacamole, a software that can be used a...
2021-11-20 08:0:0 | 阅读: 0 |
收藏
|
Think Love Share - thinkloveshare.com
guacamole
guacd
ssrf
loopback
ssh
Get shells with JET, the Jolokia Exploitation Toolkit
TL;DR: I’m finally releasing JET, a Jolokia Exploitation Toolkit! To introduct this tool &...
2021-10-29 08:0:0 | 阅读: 6 |
收藏
|
Think Love Share - thinkloveshare.com
jolokia
dummy
jfr
catalina
Failed01 - DOS to RCE in jolokia
First article of a new series! Exciting isn’t it?We often read articles or research that ex...
2021-10-3 08:0:0 | 阅读: 7 |
收藏
|
Think Love Share - thinkloveshare.com
jolokia
writeable
djava
bodsch
Salut, ca va ?
Salut ! Ca va ?Ca va ! Et toi ?Ca va !What a useless proloque, right? Riiight?Well, not...
2021-9-24 08:0:0 | 阅读: 2 |
收藏
|
Think Love Share - thinkloveshare.com
useless
client
salut
secondly
riiight
SSRF to RCE with Jolokia and MBeans
Okey, here’s a funny one I’ve been given to exploit recently.The cause of this bug is simpl...
2021-2-28 08:0:0 | 阅读: 9 |
收藏
|
Think Love Share - thinkloveshare.com
jolokia
tat
php
arg1
arg2
RCE on Spip and Root-Me
Hi there, This article is about Spip, root-me.org, XSS, SQLi, and Remote Code Execution. Ev...
2020-9-29 08:0:0 | 阅读: 0 |
收藏
|
Think Love Share - thinkloveshare.com
php
ecrire
spip
4494
lien
A Helping Hand
From time to time, I help friends to troubleshoot issues. Coding, system administration, hack...
2020-5-3 08:0:0 | 阅读: 0 |
收藏
|
Think Love Share - thinkloveshare.com
helpee
ssh
ngrok
tmux
minos
Reverse XSShell
While auditing a website, I found out they were using websockets to transmit data. I didn’t...
2020-2-22 08:0:0 | 阅读: 1 |
收藏
|
Think Love Share - thinkloveshare.com
reverse
asyncio
websockets
payload
xsshell
Infosec made easy
Cross Site Scripting (XSS)Quand quelqu’un t’envoie un message mais qu’en fait ce message co...
2020-2-3 08:0:0 | 阅读: 1 |
收藏
|
Think Love Share - thinkloveshare.com
tu
est
une
des
pour
Wordpress Subpath Auditor
About a month ago, I had to audit a wordpress website. As it was one of my first real-life pe...
2020-1-25 08:0:0 | 阅读: 1 |
收藏
|
Think Love Share - thinkloveshare.com
wordpress
proxy
auditor
crawler
cough
Previous
-1
0
1
2
3
4
5
6
Next