Ok, kinda “fresh” post, now about windows. How is that simple to just see what is going on in /boot/efi partition right from windows, as simple as from *nix, right? NO! according https://technet.microsoft.com/en-us/library/hh825686.aspx should got flag 0x0000000000000001 So you need to manually give it a letter, as from above. And as far as it system partition, to […]Read more "Access to system partition from Windows"
Introduction This document will guide you to exploit the CSRF (Cross Site Request Forgery) vulnerability step by step wherein an attacker can launch the CSRF attack against the valid application user and update the details. It will also give an idea to mitigate these risks under the recommendations section. Since this was a real-time attack […]Read more "Real time CSRF exploitation"
from gist.github vagrant_dvwa.sh #!/usr/bin/sh ordinaryPack=”docker nc tcsh unzip” servPack=”httpd mariadb-server php-mysql php” passwdResetURL=”https://gist.githubusercontent.com/kaldown/1a0df9af50b6d08ddc32/raw/bfaf3bf4e610649437ae6ee72a1c3e3d9e7d3538/rootPasswdReset” yum update -y yum install -y $servPack $ordinaryPack systemctl enable httpd.service systemctl enable mariadb.service curl $passwdResetURL >> /tmp/rootPasswdReset mysqld_safe –user=mysql –init-file=/tmp/rootPasswdReset wget -P /tmp https://github.com/RandomStorm/DVWA/archive/v1.0.8.zip unzip /tmp/v1.0.8.zip -d /var/www/html mv /var/www/html/DVWA-1.0.8 /var/www/html/dvwa sed -i ‘s/p@ssw0rd/sqlpasswd/g’ /var/www/html/dvwa/config/config.inc.php sed -i ‘s/^/#/g’ /etc/httpd/conf.d/welcome.conf systemctl start […]Read more "vagrant provision shell from gist.github"
Finally I’ve found the solution with problem described above. As always – firstly better to take a look in github (hello rkn) Here some sort of: If you will for first time, Vagrantfile will mount your ./workdir to /vagrant filesystem on Guest. But each time I yum update (chef/centos-7.0 box) – something goes wrong and […]Read more "mount -t vboxsf: No such device"