Mango HackTheBoxta 30 puanlık “Orta” kategorisinde bir makine. Makine üzerinde mongodb injection atağına karşı zafiyetli bir uygulama çalışıyor. Bir saldırgan login sayfasını atlatmak yerine veri...
HackTheBox-Mango Writeup
Mango is a 30 pts box on HackTheBox and it is rated as “Medium”. It has an application running that was vulnerable to mongodb injection. An attacker needs to extract data from db rather than bypa...
HackTheBox - Registry Çözümü
Registry HackTheBoxta 40 puanlık “Zor” kategorisinde bir makine. Makine üzerinde kolay, tahmin edilebilir bir şifre kullanılmış private docker registry sunucusu mevcut. Bu sunucudaki docker imajı...
HackTheBox - Registry Writeup
Registry was a 40 pts box on HackTheBox and it was rated as “Hard”. It had a private docker registry that was protected with a common password allowing attackers to pull the docker image. Docker ...
Manage Engine ServiceDesk Plus Version 9.3 Privileged Account Hijacking CVE-2019-10008
Overview CVE-2019-10008 Allows any user of ServiceDesk Plus to authenticate as another user. Bypassing Authentication Guest to NT AUTHORITY/SYSTEM SHELL Ata Hakçıl, Melih Kaan Yıldız Platform all...