Pinned Loading

1. Malicious-PowerShell-Dataset Malicious-PowerShell-Dataset Public

   Malicious PowerShell Dataset

   PowerShell 11 1

2. IOT-GATE IOT-GATE Public

   (multidisciplinary project) IOT-GATE is an NIDS for IOT networks

   Python 7

3. team0se7en/CTF-Writeups team0se7en/CTF-Writeups Public

   writeups for Capture The Flag Competitions

   Python 15 1

4. A writeup to web ctf challenge by sh... A writeup to web ctf challenge by shellmates, command injection, a privesc.

   1

   # Writeup Web Shellmates 

   2

   First glance at the application, it was using the command "ping -c 1 $arg" you can see that from the output of the command "Ping Service" web title, so my first try was command injection using ";id" as semicolen is a command separter, i got "okay boomer" XD, so there was some kind of filter,than I tried the pipe "|" as it acts as a command separter and pipe the stdout of the previous command to the stdin of the next one, we just need it as a command separator, tried "cat /etc/passwd" to see what users are available but got "okay boomer" again so we know it's filtering spaces and semicolons,tried "cat</etc/passwd" and it worked:

   3

   ```

   4

   root:x:0:0:root:/root:/bin/bash

   5

   daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin

5. E-Clinic E-Clinic Public

   E-Clinic is a multidisplinary school project, it's a managment web app for the school doctor with additional web/mobile app for the patient.

   JavaScript 5 3