[๐Ÿ“] Ligolo-ng, pivot/tunnel tool.

Ligolo-ng stands out as a straightforward, lightweight, and high-speed tool specifically designed for penetration testers to create tunnels through a reverse TCP/TLS connection using a tun interface, eliminating the need for SOCKS proxies. Cheat Sheet: Here's a cheat sheet with the most commonly used commands:...

August 25, 2023 · 1 min · 147 words

[๐Ÿ“] NFS no_root_squash privesc

Introduction: In some environments, the root user on a networked file system is treated as an unprivileged user. This is known as "root squashing." If root squashing is disabled, an attacker who gains access to an unprivileged account on the file system may be able to escalate their privileges to root. Demonstration (attacker machine): Create a directory named /tmp/mount: mkdir /tmp/mount. Mount the network file system to /tmp/mount: mount -t nfs <IP>:<SHARED_FOLDER> /tmp/mount. Copy the /bin/bash binary from the attacker's system to the mounted file system:...

April 11, 2023 · 1 min · 126 words

[๐Ÿ“] LFI to RCE with Log Poisoning

Introduction: LFI (Local File Inclusion) is a common vulnerability in web applications that allows an attacker to include local files from the server. LFI log poisoning is a technique that leverages an LFI vulnerability together with attacker-controlled content written to the server's log files. By doing so, an attacker can escalate an LFI into RCE. This is the path of a vulnerable LFI: http://127.0.0.1/index.php?page=/../../../../etc/passwd. The local file can be read:...

April 6, 2023 · 2 min · 365 words