Browsing the "kacper" Tag

NGINX: misconfigurations examples

February 25th, 2020 📆 | 2977 Views ⚑

Nginx is a fast and efficient HTTP server. We can quickly publish our website on the Internet with its help.

Tagged with:




Excel: CSV Injection

March 27th, 2019 📆 | 8342 Views ⚑

Today’s episode is about functionality that can be used for phishing attacks. Subscribe: https://www.youtube.com/c/KacperSzurekEN?sub_confirmation=1 It may be found on every

Tagged with:




[OWASP Top 10] A3: Sensitive Data Exposure – Ekspozycja wrażliwych danych

February 22nd, 2019 📆 | 8292 Views ⚑

Dzisiaj o ekspozycji wrażliwych danych czyli o wydobyciu przez atakującego informacji, których nie powinien posiadać. Subskrybuj kanał: https://www.youtube.com/c/KacperSzurek?sub_confirmation=1 A jest

Tagged with:




YAML: code execution using !!python/object

February 19th, 2019 📆 | 3245 Views ⚑

A popular opinion says to not use the pickle class on a data given by user because on deserialization it

Tagged with:




How to create a Metasploit module in example

January 7th, 2019 📆 | 4189 Views ⚑

Based on ManageEngine Exchange Reporter Plus Unauthenticated Remote Code Execution exploit. Subscribe: https://www.youtube.com/c/KacperSzurekEN?sub_confirmation=1 Exploit: https://github.com/kacperszurek/exploits/blob/master/ManageEngineExchangeReporterPlus/manageengine_adshacluster_rce.rb Vulnerable app to download: https://mega.nz/#!XG5CTC5I!IuG91CbrcdcpQj4teYRiBWNwy9pULRkV69U3DQ6nCyU

Tagged with: