Accueil
devl00p's infosec stuff
Annuler

Writeups for Huntress 2023 Miscellaneous challenges

Babel Description It’s babel! Just a bunch of gibberish, right? Solution This is not gibberish. This is a C# source code which has been a little bit obfuscated : using System; using System...

01/11/2023

Writeups for Huntress 2023 Malware challenges

Batchfuscation Description I was reading a report on past Trickbot malware, and I found this sample that looks a lot like their code! Can you make any sense of it? Solution We are given a b...

01/11/2023

Writeup for Huntress 2023 M Three Sixty Five challenges (Azure AD)

Description For this challenge, you can connect into a PowerShell Core instance. Note that this is running out of a Linux-based Docker container, so you do not have a full-blown Windows operati...

01/11/2023

Writeups for Huntress 2023 Forensics challenges

Backdoored Splunk Description You’ve probably seen Splunk being used for good, but have you seen it used for evil? NOTE: the focus of this challenge should be on the downloadable file below...

01/11/2023

Faille d'injection SQL dans le plugin Wordpress Loginplus

Présentation du plugin Le plugin Loginplus se présente de cette façon : Login plus changes WordPress Login Logo and Logo Url without altering any core file. See Login Logs like Hacking attempt...

26/10/2023

Faille d'injection SQL dans le plugin Wordpress LogDash Activity Log

Présentation du plugin Le plugin LogDash Activity Log (slug: logdash-activity-log) se présente de cette façon : LogDash Activity Log is the ultimate solution for tracking activities on your Wo...

26/10/2023

Cross-Site Scripting (reflected) dans le plugin Wordpress Like DisLike Voting

Présentation du plugin Le plugin Like DisLike Voting (slug: like-dislike-voting) se présente de cette façon : Get like-dislike rating for your content. You can use the plugin to allow your use...

21/10/2023

Cross-Site Scripting (reflected) dans le plugin Wordpress LH Login Page

Présentation du plugin Le plugin LH Login Page (slug: lh-login-page) se présente de cette façon : This plugin provides a shortcode to include a HTML5 login form on a page on your website and w...

20/10/2023

Cross-Site Scripting (reflected) dans le plugin Wordpress easy AMP

Présentation du plugin Le plugin easy AMP (slug: wp-amp-it-up) se présente de cette façon : The WordPress AMP Plugin for WP – easy AMP create a Google-compliant AMP version of your webpages fo...

19/10/2023

Faille d'injection SQL dans le plugin Wordpress LeaderBoard Plugin

Présentation du plugin Le plugin Wordpress LeaderBoard Plugin (slug: leaderboard-lite) se présente de cette façon : LeaderBoard plugin is to enhance a WordPress site to manage events and Leade...

18/10/2023
Récemment mis à jour