Hack the Web like a Pirate: Identifying Vulnerabilities with Style

24 Stories A Hacker’s Tale Ahoy, fellow digital adventurers! Today, we’re embarking on an exciting journey through the vast seas of web applications. Our quest? To uncover hidden treasures, or in this case, vulnerabilities! 1. Setting Sail – Understanding the Scope Before we embark on our hacking adventure, it’s essential to know the lay of…

Navigating the Bounty Seas with Open Bug Bounty

A Hacker’s Tale – Part 2 Welcome back, cyber adventurers, to our world of ethical hacking! In Part One, we set sail on the vast ocean of cybersecurity, armed with knowledge on identifying features, functions, and technologies used in web applications. Now, as we continue our quest for digital treasures, we delve into the fascinating…

Guarding the Cosmos: Securing Your WordPress {wp-config.php}

Prepare for liftoff, fellow space explorers of the digital galaxy! In the boundless expanse of cyberspace, your WordPress website is akin to a spacecraft on an interstellar voyage. At the core of this cosmic vessel lies a vault of unimaginable value—the wp-config.php file. But beware, for this cosmic treasure, if intercepted, can lead to the…

Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892

CloudMe 1.11.2 Buffer OverFlow – Exploit Development.

Febin

Hi,

This is Febin,

Twitter : febinrev

In this Post , I am gonna demonstrate windows Stack buffer overflow and exploit development in CloudMe 1.11.2 .

CloudMe is a cloud storage service. This buffer overflow vulnerability was patched and the exploit is released publicly in 2018 (CVE-2018–6892).

This is a Local Privilege Escalation Vulnerability

This demo will help guys who are preparing for OSCP or equivalent Certifications and also help guys (like me!) who wanna learn advanced hacking and exploit development. There are some executables/apps like “vulnserver” that are intentionally built to be vulnerable for educational purposes, but this is a real life application. So, basically we are developing a real exploit and attacking a real app.

Lets Go!

Collection of information | Google Hacking and Dorks basic

Find the login panel
site: objective.com inurl: admin | administrator | adm | login | l0gin | wp-login

SQL INJECTION
site: target.com intext: “sql syntax near” or “syntax error has occurred” or “incorrect syntax near” or “unexpected end of SQL command” or “Warning: mysql_connect ()” or “Warning: mysql_query ()” or “Warning: pg_connect ()” or “Warning: mysql_fetch_array ()”

site: target.com intext: “sql syntax near” or
“syntax error has occurred”
“incorrect syntax near”
“unexpected end of SQL command”
“Warning: mysql_connect ()”
“Warning: mysql_query ()”
“Warning: pg_connect ()”
“Warning: mysql_fetch_array ()”
“MySQL Query Failed”

PHP Security Check List [ EN ]

PHP: Hypertext Preprocessor is a web-based, server-side, multi-use, general-purpose, scripting and programming language that can be embedded in HTML. The PHP development, which was first created by Rasmus Lerdorf in 1995, is now being run by the PHP community.

The PHP programming language is still used by a large developer. It
is the most known backend programming language. In PHP web applications,
I prepared a list called “php security check list” which security
researchers should know.