mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-14 00:47:24 +00:00
GitBook: [#3680] No subject
This commit is contained in:
parent
e4a87540ab
commit
d1d70d41a3
6 changed files with 11 additions and 3 deletions
BIN
.gitbook/assets/image (1) (4) (1).png
Normal file
BIN
.gitbook/assets/image (1) (4) (1).png
Normal file
Binary file not shown.
After Width: | Height: | Size: 177 KiB |
Binary file not shown.
Before Width: | Height: | Size: 177 KiB After Width: | Height: | Size: 26 KiB |
Binary file not shown.
Before Width: | Height: | Size: 26 KiB After Width: | Height: | Size: 30 KiB |
|
@ -591,7 +591,15 @@ If you found a **Local File Inclusion** and you **can exfiltrate the path** of t
|
|||
[lfi2rce-via-compress.zlib-+-php\_stream\_prefer\_studio-+-path-disclosure.md](lfi2rce-via-compress.zlib-+-php\_stream\_prefer\_studio-+-path-disclosure.md)
|
||||
{% endcontent-ref %}
|
||||
|
||||
### References
|
||||
### To Fatal Error
|
||||
|
||||
If you include any of the files `/usr/bin/phar`, `/usr/bin/phar7`, `/usr/bin/phar.phar7`, `/usr/bin/phar.phar`. (You need to include the same one 2 time to throw that error).
|
||||
|
||||
**I don't know how is this useful but it might be.**
|
||||
|
||||
<figure><img src="../../.gitbook/assets/image (1).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
## References
|
||||
|
||||
[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal)\
|
||||
[PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal/Intruders](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal/Intruders)
|
||||
|
|
|
@ -231,7 +231,7 @@ You may have seen this screen when downloading some executables from the interne
|
|||
|
||||
Microsoft Defender SmartScreen is a security mechanism intended to protect the end user against running potentially malicious applications.
|
||||
|
||||
<figure><img src="../.gitbook/assets/image (1).png" alt=""><figcaption></figcaption></figure>
|
||||
<figure><img src="../.gitbook/assets/image (1) (4).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
SmartScreen mainly works with a reputation-based approach, meaning that uncommonly download applications will trigger SmartScreen thus alerting and preventing the end user from executing the file (although the file can still be executed by clicking More Info -> Run anyway).
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ Fortunately, as an admin, you can remotely interact with DCOM with PowerShell by
|
|||
|
||||
It is then possible to invoke the `ExecuteShellCommand` method to start a process on the remote host:
|
||||
|
||||
![](<../../.gitbook/assets/image (1) (4).png>)
|
||||
![](<../../.gitbook/assets/image (1) (4) (1).png>)
|
||||
|
||||
## ShellWindows & ShellBrowserWindow
|
||||
|
||||
|
|
Loading…
Reference in a new issue