m4luk0@home:~$

  • File Inclusion

    What is it? File Inclusion is a vulnerability with two variants, local and remote, the local one allows the attacker to read files from the system and the remote one allows the attacker to read files from the internet, we will see the usefulness of the latter later. Local File...

  • Command Injection

    Hello everyone, today I start a series of blogs where I will explain web vulnerabilities, how to exploit them, fix them and I will leave references where to get more information and practice. What is it? Command injection is a vulnerability that allows the attacker to execute OS commands on...

  • Persistent monitoring

    Today we will be using shelljack to monitor the bash of a victim with persistence. Setting up the lab We will need an attacking machine with netcat installed and a victim machine with git and Shelljack. To install shelljack on the victim’s machine: git clone https://github.com/emptymonkey/ptrace_do.git cd ptrace_do make cd...