Ataques de asignación masiva (Mass-Asignment Attack) o Parameter Binding - Hacking Notes
Apuntes de la vulnerabilidad Mass-Asignment o Parameter Binding (Spanish)
Recent Posts
Ataques de asignación masiva (Mass-Asignment Attack) o Parameter Binding - Hacking Notes
Abuso de subidas de archivos - Hacking Notes
Apuntes de abuso de subidas de archivos (Spanish)
Docker Cheat Sheet - Hacking Notes
Docker Commands Cheat Sheet (Spanish)
Ataques de Deserialización - Hacking Notes
Apuntes de ataques de deserialización (Spanish)
Abuso de APIs - Hacking Notes
Ejemplos de abuso de APIs (Spanish)
Archetype - Hack The Box
In this machine, we take advantage of an SMB misconfiguration, exploit an MSSQL database, and escalate privileges through regular expressions in a Windows system.
Responder - Hack The Box
In this machine, we exploit LLMNR/NBT-NS poisoning to capture NTLMv2 hashes and crack them.
Sequel - Hack The Box
In this machine we are taking advantage of misconfigured MariaDB server credentials.
Redeemer - Hack The Box
In this machine, we are exploiting a misconfigured Redis service that has no credentials.
Crocodile - Hack The Box
In this machine, we are taking advantage of FTP anonymous login and exploiting the login anel with Hydra.