vulnerability

05 Jul

Server side (vulnerability scanning)

stp2y0 CommentsNewscoding, community, development, dirbuster, engineering, inclusive, server, skipfish, software, vulnerability

Ethical HackingVisit the github project: https://github.com/samglish/ServerSide Tools Skipfish Owasp Disrbuster Webslayer Nmap Nessus The first scanner we will use Nmap to see the services running, launch nmap. nmap -sV 145.14.145.161 Enter fullscreen mode Exit fullscreen mode output Starting Nmap 7.91 ( https://nmap.org ) at 2024-07-04 22:50 WAT Nmap scan report for 145.14.145.161 Host is up (0.28s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 21/tcp open ftp? 80/tcp open http awex 443/tcp open ssl/https awex 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : Enter fullscreen mode Exit…

24 Jun

buffer Overflow (Application Vulnerability)

stp2y0 CommentsNewsbufferoverflo, coding, community, development, engineering, inclusive, software, vulnerabilities, vulnerability

https://github.com/samglish/bufferOverflow/ In french dépassement de tampon ou débordement de tampon copy data without checking size.A bug whereby a process, when writing to a buffer, writes outside the space allocated to the buffer, thus overwriting information necessary for the process. Most common exploitation stack overflow Injection of a shellcode on the stack and calculation of its address Overflow of a variable on the stack Overwriting SEIP with the shellcode address A C program to demonstrate buffer overflow #include <stdio.h> #include <string.h> #include <stdlib.h> int main(int argc, char *argv[]) { // Reserve 5 byte of buffer plus the terminating NULL. // should…