Hi.
When I upload a file to website with different maneuvers, I was able to upload currapted file, than I find the file, open it, and see here is such a shuth (img bellow). I tried to change the meta-data for this file and upload again and again with different exploits, but so far nothing has been able to find via this file (algorithm).
Plz give me an advise what I can check more \ or what I can interesting upload (send) over this file to server.
Thanks.
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Use Wireshark to Steal Your Own Local Passwords
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
How To:
Attack Web Applications with Burp Suite & SQL Injection
How To:
Steal Usernames & Passwords Stored in Firefox on Windows 10 Using a USB Rubber Ducky
How To:
Dox Anyone
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Find Passwords in Exposed Log Files with Google Dorks
How To:
Spy on Traffic from a Smartphone with Wireshark
How To:
Create Rainbow Tables for Hashing Algorithms Like MD5, SHA1 & NTLM
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
Hacking macOS:
How to Hack a Mac Password Without Changing It
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
4 Responses
I hope this is a legal pentesting. You can try this or this
Yes, it's legal pentest, try help to close different vulnerabilities in one site (unfortunately I can't say url). Thanks, will take a look on this. But if some one will have any other ideas - will be thankful
Unfortunately none of these manuals are not helped to compromise the site. Add just, that the site uses web-server nginx... so, question still open..
Have you already checked all inputs (user inputs, browser headers, cookies...) for sql injection ?
Share Your Thoughts