一蓑烟雨

摘要： Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. All the payload type in Metasploit are showing as below: 2.Try to 阅读全文

摘要： Privilege Escalation Download the Basic-penetration testing virtual machine from the following website: https://www.vulnhub.com/entry/basic-pentesting 阅读全文

摘要： Metasploit Attack Target Server： IE8 on WinXP 1.Start the Metasploit. 2.Select 2)Website Attack Vectors. 3.Select 1)Java Applet Attack Method. 4.Selec 阅读全文

摘要： Metasploit Target Server: Kioptrix Level 1 (1) Start the Metasploit on Kali Linux. (2) Set the module and options. (3)Exploit the Kioptrix Level 1 ser 阅读全文

摘要： File transfer type： 1. HTTP Transfer files through the website. 2.wget 3.FTP python FTP (1)Install python FTP on the Kali Linux. (2)Move to the target 阅读全文

摘要： Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on your server. http://www.dvwa.co.uk/ Install XAMPP an 阅读全文

摘要： Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vulnhub.com/entry/pentester-lab-php-include-and-post- 阅读全文

摘要： SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-c 阅读全文

摘要： Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. 2.Browser the website http://10.0.0.21 through Firefox. 3. 阅读全文

摘要： Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following website: https://www.vulnhub.com/entry/pentester-lab-xss-a 阅读全文