Host Enumeration As usual, we begin with an nmap scan to identify listening services. 22: OpenSSH 7.6p1 80: Closed HTTP 8080: BadHTTPServer Host enumeration - 8080 Interestingly, ...

Host Enumeration As usual, we begin with an nmap scan to identify listening services. 22: OpenSSH 7.6p1 Ubuntu 80: Apache httpd 2.4.29 443: Apache httpd (SSL-only mode) Enumeration...

As I’m gaining interest in exploit development, I decided to try and learn structured exception handler (SEH) buffer overflow exploits. For this demonstration, I’ll be exploiting Vulnserver’s GMON ...

It’s that time of year when many around the world gather and go easter egg hunting. However, at the time of writing this we are advised to remain home. For me, this meant an opportunity to get my c...

Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by below. Parameter Filename - email   ...

Host Enumeration Let us begin with an nmap scan to identify listening services. We get a result of three listening ports, interestingly three of which are HTTP services. 22: OpenSSH 7.6p1 ...

An issue was discovered in Project Worlds Official Car Rental System - 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager pa...

Host Enumeration As usual, we begin with an nmap scan to view open ports on the host. In my limited experience, Windows hosts have many open ports. It seems that this remains true with Forest....

Daily Expense Tracker System (DETS) is vulnerable to stored cross site scripting (XSS). This post will be a brief write up about discovery and exploitation of CVE-2020-10107. This vulnerability exi...

Daily Expense Tracker System (DETS) is vulnerable to SQL injection. This post will be a brief write up about discovery and exploitation of CVE-2020-10106. These vulnerabilities exist in the Daily E...