-
Insecure Deserialization - How to trace down a gadget chain - Other examples in Ruby
linksWeb Application SecurityWeb Security AcademyLabsInsecure DeserializationRemote Code ExecutionGadget ChainsRuby
These are some Ruby examples equivalents of my previous post(about gadget chains in PHP), that show the process of finding gadget chains in Ruby programming language; also as mentioned in one of these articles, there may still be some undiscovered gadget chains for cybersecurity researchers to find. Also there is...
-
Insecure Deserialization - How to trace down a gadget chain
This article explains clearly the process of finding a sample gadget chain and then writing a small code to build the payload for insecure deserialization exploitation in cases where there are no existing pre-built gadget chains. External Links Insecure Deserialization - How to trace down a gadget chain References Icon...
-
Learn Regex step by step, from zero to advanced
Learning Regex is easier than you think. You can use this tool to easily learn, practice, test and share Regex. External Links Learn Regex step by step, from zero to advanced. References Icon made by Freepik from www.flaticon.com ↩
-
The God Equation: The Quest for a Theory of Everything
Amazon Description #1 NEW YORK TIMES BEST SELLER • The epic story of the greatest quest in all of science—the holy grail of physics that would explain the creation of the universe—from renowned theoretical physicist and author of The Future of the Mind and The Future of Humanity When Newton...
-
Lab: Exploiting PHP deserialization with a pre-built gadget chain
blogWeb Application SecurityWeb Security AcademyLabsInsecure DeserializationRemote Code ExecutionGadget ChainsPHPPHPGGC
Lab Link Lab: Exploiting PHP deserialization with a pre-built gadget chain Lab Description This lab has a serialization-based session mechanism that uses a signed cookie. It also uses a common PHP framework. Although you don’t have source code access, you can still exploit this lab’s insecure deserialization using pre-built gadget...
-
Cross-site WebSocket hijacking (CSWSH)
See the first link below to become familiar with various Cross-site WebSocket hijacking (CSWSH) attacks. If you are not familiar with Websocket vulnerabilities, take a look at the second link for more details. External Links Cross-site WebSocket hijacking (CSWSH) — PortSwigger Testing for WebSockets security vulnerabilities — PortSwigger References Icon...
-
Expert Lab: Reflected XSS in a JavaScript URL with some characters blocked
Lab Link Lab: Reflected XSS in a JavaScript URL with some characters blocked Lab Description This lab reflects your input in a JavaScript URL, but all is not as it seems. This initially seems like a trivial challenge; however, the application is blocking some characters in an attempt to prevent...
-
Expert Lab: Web Shell Upload via Race Condition
blogWeb Application SecurityWeb Security AcademyExpert LabsFile Upload VulnerabilitiesRace Condition VulnerabilitiesTurbo IntruderExiftool
Lab Link Lab: Web shell upload via race condition Lab Description This lab contains a vulnerable image upload function. Although it performs robust validation on any files that are uploaded, it is possible to bypass this validation entirely by exploiting a race condition in the way it processes them. To...
-
Hide Malicious Shell in Image File
linksWeb Application SecurityWeb Security AcademyLabsFile Upload VulnerabilitiesMalicious MetadataExiftool
There are many ways to bypass flawed validation of file uploads to upload web shells on web applications, this link explains some ways like creating a polyglot image file containing malicious code in its metadata using tools like exiftool, this method is interesting, check it out. Also you can practice...
-
Duolingo: An Effective Way to Learn a New Language
Learning a new language can be hard and time-consuming but with a proper method, it can be fun and smooth. Duolingo is a very fun and effective way to learn a new language. It has many great features. One of them is streak, which is built if you complete your...
