외로운 Nova의 작업실

- wpscan wpscan은 wordexpress 웹페이지의 취약점을 찾아주는 툴입니다. 기본사용법은 아래와 같습니다. wpscan --url {url} - option --disable-tls-checks : tls를 사용하지않습니다. --enumnerate u : 사용하는 user들을 스캔합니다.

- source code // gcc -o oneshot1 oneshot1.c -fno-stack-protector -fPIC -pie #include #include #include #include void alarm_handler() { puts("TIME OUT"); exit(-1); } void initialize() { setvbuf(stdin, NULL, _IONBF, 0); setvbuf(stdout, NULL, _IONBF, 0); signal(SIGALRM, alarm_handler); alarm(60); } int main(int argc, char *argv[]) { char msg[16]; size_t check = 0; initialize(); printf("stdout: %p\n..

1. port scan result address port 10.10.10.3 21,22,139,445 2. initial access - sambd Vulnerability Vulnerability Explanation : when i have scanned, i find out sambd in port 445 and this version was 3.0.20. this version has CVE-2007-2447. this Vulnability be occured by precces that excute script to mapping user name Vulnerability Fix : update smbd version Severity : critical Steps to reproduce the..