jm33_ng
  • Course notes
  • Ctf
  • Misc
  • Pentest
  • Programming
  • Tools
  • Vulnerabilities

jm33_ng


an infosec newbie's tech blog

Pentest Diary - 1

Date Thu 21 July 2016 Tags pentest / google hacking / sqli / sqlmap / reverse shell / router / login bypass

An SQLi

Find a target by googling

  • Yea, before googling for your target, do a research on your target system, pay attention to:

    • Version number on every page?
    • Identical keywords?
    • What's in the target URL?
    • Use - to avoid irrelevant search results

  • My google search results for CVE-2014-1945

    "welcome to opendocman …

View comments.

more ...

About jm33

Who

  • ASU / weaponizer / linux user / vimer / pythonist / gopher / gray hat / male / siscon / freak

Contact

  • Resume

  • 3A5DBF07

  • Leave a message

  • Social

    • Twitter
    • LinkedIn
    • StackOverflow
    • Github

  • Recent Posts

    • Pentest Diary - 1

  • Tags
    • 443
    • active directory
    • ad
    • announcement
    • anonymity
    • antivirus
    • anyconnect
    • apache
    • assembly
    • asu
    • baidu
    • blackhat
    • bridge
    • buffer overflow
    • C#
    • career
    • censorship
    • change
    • cisco
    • code maintainance
    • compton
    • Coursera
    • crypto
    • cryptography
    • ctf
    • CVE
    • CVE-2018-18955
    • CVE-2018-7750
    • dairy
    • Diary
    • DNS污染
    • DPI
    • email
    • emp3r0r
    • exploit
    • file transfer
    • gf
    • gfw
    • github
    • Glowing Bear
    • golang
    • google hacking
    • great wall
    • greatwall
    • hacking
    • hacking tool
    • HiWiFi
    • HTTP2
    • https
    • injection
    • IRC
    • 极路由
    • Joomla
    • KCP
    • kcptun
    • kernel
    • killer
    • lede
    • life
    • linux
    • linux kernel
    • lkm
    • local privilege escalation
    • log cleaner
    • login bypass
    • LPE
    • macos
    • mass exploit
    • mec
    • memory layout
    • mentohust
    • Misc
    • mouse
    • multi-threaded crawler
    • mysql
    • namespace
    • natural scroll
    • netcat
    • network
    • nic
    • nikto
    • nmap
    • obfs4
    • obfsproxy
    • ocserv
    • openwrt
    • OSIN
    • paramiko
    • pentest
    • pep8
    • PGP
    • php
    • pi
    • plan
    • port-forwarding
    • post-exploitation
    • privilege escalation
    • programming
    • project
    • proxy
    • ptrace
    • PTRACE_TRACEME
    • pythonic
    • QQ
    • quote
    • RCE
    • reverse shell
    • reversing
    • rootkit
    • router
    • s2-045
    • scanner
    • scramblesuit
    • SEED lab
    • shadowsocks
    • shadowsocks-plus
    • shellcode
    • skydog
    • smartphone
    • socket
    • sqli
    • sqlmap
    • SS
    • ssh
    • sshd
    • SSL
    • Stanford
    • sudo
    • switch
    • systemd
    • Thomas Jefferson
    • TMUX
    • tools
    • Tor
    • trasparent proxy
    • vim
    • virtualbox
    • vpn
    • wayland
    • web
    • weechat
    • windows
    • windows domain
    • windows server
    • xfce4
    • xfwm
    • xhost
    • xml
    • xmpp
    • zoomeye
© 2016 jm33-ng - About this site

Creative Commons License Content licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where indicated otherwise.

Images hosted on this site are either my own or from Google Image Search