Hackholics

addicted to hacking

Tag

vulnerable

Hackfest2016: Quaoar CTF Walkthrough

Its around 23:00 here and I’m pretty bored, so whats more fun to do than playing around with Vulnhub CTF’s. I was looking for something easy, I’m to bored right now to get my mind work , hehe ! Looking… Continue Reading →

Acid Server CTF

This VM, provided by VulnHub Hello there , here I am again solving an old boot2root vulnerable Vm from VulnHub. Before going further let me tell you that there are more than one way to get root on this vm,… Continue Reading →

WordPress plugin leaves up to 70k sites vulnerable to stored xss

Recently we discover a stored Cross Site Scripting in a WordPress plugin which is installed in our website. It also effects more that 70.000 WordPress users. We immediately get in work and find a fix for that. After fixing the… Continue Reading →

Reflected XSS

The above code is vulnerable to reflected xss but is has some filtering on it. Try to bypass it and excecute a javascript code <?php         $NAME=$_GET[‘name’];         $NAMESAN=strtoupper(htmlspecialchars($NAME));         echo “<HTML><body>”;         echo ‘<form action=””>’;         echo “First name:… Continue Reading →

Stored XSS

This code is vulnerable to xss , can you spot where it is and how to exploit it ? $name    = trim( $_POST[ ‘name’ ] ); $name = preg_replace( ‘/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t(.*)>/i’, ”, $name ); $message = preg_replace( ‘/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t(.*)>/i’, ”, $message );… Continue Reading →

© 2017 Hackholics — Powered by WordPress

Theme by Anders NorenUp ↑