Home
Security Blog
Cancel

HackTheBox-Mango Çözümü

Mango HackTheBoxta 30 puanlık “Orta” kategorisinde bir makine. Makine üzerinde mongodb injection atağına karşı zafiyetli bir uygulama çalışıyor. Bir saldırgan login sayfasını atlatmak yerine veri...

HackTheBox-Mango Writeup

Mango is a 30 pts box on HackTheBox and it is rated as “Medium”. It has an application running that was vulnerable to mongodb injection. An attacker needs to extract data from db rather than bypa...

HackTheBox - Registry Çözümü

Registry HackTheBoxta 40 puanlık “Zor” kategorisinde bir makine. Makine üzerinde kolay, tahmin edilebilir bir şifre kullanılmış private docker registry sunucusu mevcut. Bu sunucudaki docker imajı...

HackTheBox - Registry Writeup

Registry was a 40 pts box on HackTheBox and it was rated as “Hard”. It had a private docker registry that was protected with a common password allowing attackers to pull the docker image. Docker ...

Manage Engine ServiceDesk Plus Version 9.3 Privileged Account Hijacking CVE-2019-10008

Overview CVE-2019-10008 Allows any user of ServiceDesk Plus to authenticate as another user. Bypassing Authentication Guest to NT AUTHORITY/SYSTEM SHELL Ata Hakçıl, Melih Kaan Yıldız Platform all...