Mika's Blog

Sysadmin, Network & Infosec
Menu Close
  • Accueil
  • system
  • network
  • infosec
  • CVE Disclosures
  • Pentest CheatSheet
  • Random Post
2

My first CVE (2021-24856) – WordPress Plugin 4.7 (7)

Posted on 18 octobre 2021 by Mika

2 min read The plugin does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks. Continuer la lecture →

infosec cve, findings, pentest, security, web, wordpress, xss
0

[TryHackme] – Empline 5 (5)

Posted on 20 septembre 2021 by Mika

4 min read Are you good enough to apply for this job ? Continuer la lecture →

infosec ctf, CVE-2019-13358, linux, pentest, ruby, tryhackme, web, writeup, xxe
0

BTLO – Network Analysis – Web Shell 5 (5)

Posted on 20 août 2021 by Mika

4 min read The SOC received an alert in their SIEM for ‘Local to Local Port Scanning’ where an internal private IP began scanning another internal system. Continuer la lecture →

infosec, network blueteam, btlo, infosec, network, writeup
0

HackTheBox : Shocker 5 (5)

Posted on 9 juillet 2021 by Mika

3 min read Shocker is a retired HTB (Hack The Box) machine that is based on the ShellSock vulnerability, in this machine we will not use metasploit. Continuer la lecture →

infosec ctf, hackthebox, linux, pentest, shellshock, writeup
2

Linux Privilege Escalation : Docker Group 4.9 (7)

Posted on 29 juin 2021 by Mika

3 min read In this article, we will go from a lambda user with no rights but in the docker group to the root user using a wrong configuration and use of docker. Continuer la lecture →

infosec, system ctf, docker, infosec, linux, pentest
0

CloudFlare : Real visitor IPs in Nginx logs 5 (4)

Posted on 2 juin 2021 by Mika

2 min read Real visitor IPs in Nginx logs when using CloudFlare. Continuer la lecture →

system cloudflare, nginx, security
0

[TryHackme] – Gallery 4.3 (15)

Posted on 24 mai 2021 by Mika

4 min read Gallery is a tryhackme room designed by me. You will exploit an SQL injection and deal with a custom script to escalate to the root user. Continuer la lecture →

infosec, system cve, linux, privesc, sqli, tryhackme, writeup
2

FCSC 2021 : BaguetteVPN 2 4.9 (12)

Posted on 3 mai 2021 by Mika

3 min read Voici le write up du challenge Baguette VPN n°2 du France Cybersecurity Challenge (FCSC 2021)

Le but est de récupérer le secret contenu dans l’API. Continuer la lecture →

infosec crlf, ctf, fcsc, pentest, python, web, writeup
5

Linux Privilege Escalation : Python Library Hijacking 4.2 (10)

Posted on 22 avril 2021 by Mika

3 min read Linux Privilege Escalation with Python Library Hijacking.

Python will prioritize the execution of our malicious module instead of the usual path Continuer la lecture →

infosec, system ctf, infosec, linux, pentest, python
0

Port forwarding with Chisel 4.9 (7)

Posted on 26 mars 2021 by Mika

2 min read In our example, we will forward a local port from the target machine to our kali machine using chisel. Continuer la lecture →

infosec, network chisel, firewall, infosec, linux, port forwarding

Navigation des articles

Articles Précédents

Buy me a coffee

TryHackMe

TryHackMe

Newsletter

Loading

HACKER’S PLAYGROUND

Active Directory labs

Inf0sec Labs

Articles récents

  • My first CVE (2021-24856) – WordPress Plugin
  • [TryHackme] – Empline
  • BTLO – Network Analysis – Web Shell
  • HackTheBox : Shocker

Flux ZDNET

  • Chrome OS : Une nouvelle mise à jour dans les pas d'Apple 1 juillet 2022
  • ZDTech : Routeurs, des cibles privilégiées pour les pirates 1 juillet 2022

Flux The Hacker News

  • Amazon Quietly Patches 'High Severity' Vulnerability in Android Photos App 1 juillet 2022
  • Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers 1 juillet 2022

Flux I Learned Blog

  • Comment fonctionne la compilation de programme 14 juin 2022
  • Découverte de Anki — Plongée dans le fonctionnement de la mémoire — Partie 2 6 mai 2022

Commentaires récents

  • Mika dans My first CVE (2021-24856) – WordPress Plugin
  • Moussa C. dans My first CVE (2021-24856) – WordPress Plugin
  • Mika dans Linux Privilege Escalation : Docker Group
  • escuchame dans Linux Privilege Escalation : Docker Group
  • Mika dans Installer facilement Cisco Packet Tracer sous Linux

Archives

  • octobre 2021 (1)
  • septembre 2021 (1)
  • août 2021 (1)
  • juillet 2021 (1)
  • juin 2021 (2)
  • mai 2021 (2)
  • avril 2021 (1)
  • mars 2021 (2)
  • février 2021 (2)
  • janvier 2021 (4)
  • décembre 2020 (3)
  • novembre 2020 (5)
  • octobre 2020 (2)

Étiquettes

active directory base2 blueteam bruteforce btlo chisel cisco cloudflare config crlf ctf cve CVE-2019-13358 ddos debian docker fcsc findings firewall forwarding hackthebox hydra infosec learn linux network nginx packet tracer pentest port forwarding privesc python ruby security shellshock sqli sysadmin tcp tryhackme vlan web wordpress writeup xss xxe

LEGAL PAGES

  • Terms and Conditions
© 2022 Mika's Blog. All rights reserved.
Hiero by aThemes
fr Français
ar العربيةzh-CN 简体中文nl Nederlandsen Englishfr Françaisde Deutschit Italianoja 日本語ko 한국어pt Portuguêsru Русскийes Españoltr Türkçeuk Українська