전체 글 (304) 썸네일형 리스트형 Lab: SSRF with blacklist-based input filter https://portswigger.net/web-security/ssrf/lab-ssrf-with-blacklist-filter Lab: SSRF with blacklist-based input filter | Web Security Academy This lab has a stock check feature which fetches data from an internal system. To solve the lab, change the stock check URL to access the admin interface at ... portswigger.net http://localhost 요청과 http://127.0.0.1 요청 모두 차단되어 진다. 그래서 아래 그.. Lab: Basic SSRF against the local server https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost Lab: Basic SSRF against the local server | Web Security Academy This lab has a stock check feature which fetches data from an internal system. To solve the lab, change the stock check URL to access the admin interface at ... portswigger.net 재고 확인을 위해 Check stock을 누르면 POST 요청이 발생하고, stockApi 매개변수로 URL이 전달되어진다.. Lab: CSRF where token validation depends on request method https://portswigger.net/web-security/csrf/bypassing-token-validation/lab-token-validation-depends-on-request-method Lab: CSRF where token validation depends on request method | Web Security Academy This lab's email change functionality is vulnerable to CSRF. It attempts to block CSRF attacks, but only applies defenses to certain types of requests. To ... portswigger.net 해당 문제.. Lab: CSRF vulnerability with no defenses https://portswigger.net/web-security/csrf/lab-no-defenses Lab: CSRF vulnerability with no defenses | Web Security Academy This lab's email change functionality is vulnerable to CSRF. To solve the lab, craft some HTML that uses a CSRF attack to change the viewer's email address ... portswigger.net 해당 문제의 사이트에는 My Account page가 존재한다. 해당 페이지에서, email 업데이트 및 확인이 가능하다. email 업데이트 .. Lab: DOM XSS in document.write sink using source location.search https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink Lab: DOM XSS in document.write sink using source location.search | Web Security Academy This lab contains a DOM-based cross-site scripting vulnerability in the search query tracking functionality. It uses the JavaScript document.write function, ... portswigger.net 해당 Search form에 XSS P.. Webhacking.kr : old-27 Webhacking.kr: old-59 if($_POST['lid'] && isset($_POST['lphone'])){ $_POST['lid'] = addslashes($_POST['lid']); $_POST['lphone'] = addslashes($_POST['lphone']); $result = mysqli_fetch_array(mysqli_query($db,"select id,lv from chall59 where id='{$_POST['lid']}' and phone='{$_POST['lphone']}'")); if($result['id']){ echo "id : {$result['id']} lv : {$result['lv']} "; if($result['lv'] == "admin"){ mysqli_qu.. Webhacking.kr : old-58 입력 폼에 help 명령을 통해, 어떤 명령어를 입력할 수 있는지 확인하였고, flag 명령을 send 해 보았다. flag 명령을 send 하면, 그림 2와 같이 Permission denied 란 결과가 나오며, admin 만이 flag 명령을 사용할 수 있다는 것을 확인할 수 있다. 그림 3과 같이 버프슈트를 통해, guest -> admin 으로 변경 후 socket 통신을 진행한다. 그 결과 FLAG가 출력되는 것을 확인할 수 있다. $(function () { var username = "guest"; var socket = io(); $('form').submit(function(e){ e.preventDefault(); socket.emi.. 이전 1 ··· 15 16 17 18 19 20 21 ··· 38 다음
