-
Beginner’s Guide To OSCP 2023
A valuable guide for beginners on how to get prepared for the OSCP certification exam. External Links Beginner’s Guide To OSCP 2023 References Icon made by Graphiqa from www.flaticon.com ↩
-
Expert Lab: Server-side Template Injection with a Custom Exploit
blog
Web Application Security
Web Security Academy
Expert Labs
Server-Side Template Injection
SSTI
PHP
Twig
Lab Link Lab: Server-side template injection with a custom exploit Lab Description This lab is vulnerable to server-side template injection. To solve the lab, create a custom exploit to delete the file /.ssh/id_rsa from Carlos’s home directory. You can log in to your own account using the following credentials: wiener:peter...
-
Expert Lab: Developing a custom gadget chain for PHP deserialization
blog
Web Application Security
Web Security Academy
Expert Labs
Insecure Deserialization
Remote Code Execution
Gadget Chains
PHP
Lab Link Lab: Developing a custom gadget chain for PHP deserialization Lab Description This lab uses a serialization-based session mechanism. By deploying a custom gadget chain, you can exploit its insecure deserialization to achieve remote code execution. To solve the lab, delete the morale.txt file from Carlos’s home directory. You...