banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

漏洞复现

cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

春秋云镜靶场--Certify记录

Certify是一套难度为中等的靶场环境,完成该挑战可以帮助玩家了解内网渗透中的代理转发、内网扫描、信息收集、特权提升以及横向移动技术方法,加强对域环境核心认证机制的理解,以及掌握域环境渗透中一些有趣的技术要点。该靶场共有4个flag,分布于不同的靶机。
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

game of active directory(GOAD) part 1 侦查和扫描

前言 最近家里的电脑有时间打开了,就开始做下 GOAD 靶场实验,GOAD 靶场的 writeup 先根据作者的流程走,后期学完可以做些自我理解及补充。 环境搭建参考之前的博客:https://lca.xlog.app/game-of-active-directoryGOAD…
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

ATT&CK红队评估实战靶场-1

靶场来自:http://vulnstack.qiyuanxuetang.net/vuln/detail/2/ 简单的一个靶场,本来用作学生的考核的,但是没用到,横向的域渗透也只是用了 cobalt strike 上的 psexec 模块,主要的内容是熟悉一些渗透的流程。 靶场有…
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

SSRF(服务器跨站请求伪造)基础知识

很多 Web 应用都提供了从其他服务器上获取数据的功能,这种功能通常被称为 “外部资源加载”。通过使用用户指定的 URL,Web 应用可以执行各种操作,如获取图片、下载文件、读取文件内容等。然而,如果这个功能被恶意使用,攻击者可以利用存在缺陷的 Web 应用作为代理…
cover
cover
cover
cover

Apache RocketMQ代码注入漏洞复现(CVE-2023-33246)

Apache RocketMQ 5.1.0及之前版本存在代码注入漏洞,该漏洞源于存在远程命令执行漏洞,攻击者可以利用该漏洞利用更新配置功能以系统用户身份执行命令。
cover
cover
cover
cover
cover

spring4shell环境搭建及漏洞(CVE-2022-22965)复现

spring4shell 环境搭建 docker 搭建,原项目如下:https://github.com/jbaines-r7/spring4shell_vulnapp docker 目录结构如下: src 目录下是编译后的 app 原项目无法构建成功,少了…
cover
cover
cover
cover
cover
cover
cover

O2OA invoke后台远程命令执行漏洞

O2OA是一款开源免费的企业及团队办公平台,提供门户管理、流程管理、信息管理、数据管理四大平台,集工作汇报、项目协作、移动OA、文档分享、流程审批、数据协作等众多功能,满足企业各类管理和协作需求。 O2OA系统invoke 接口存在远程代码执行漏洞。攻击者可利用漏洞执行任意代码。
cover
cover
cover
cover

Apache Commons Configuration远程命令执行漏洞漏洞复现

该漏洞是由于 Apache Commons Configuration 提供的 Configuration 变量解释功能存在缺陷,攻击者可利用该漏洞在特定情况下,构造恶意数据执行远程代码。
Ownership of this blog data is guaranteed by blockchain and smart contracts to the creator alone.