Hi๐Ÿ‘‹๐Ÿผ Iโ€™m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 63 of 86

[LINUX] Plank Dock - ์‹ฌํ”Œํ•˜๊ณ  ๊น”๋”ํ•œ Dock Application

  • 1 min read

๋ฆฌ๋ˆ…์Šค ์œ ์ €๋ผ๋ฉด Dock์„ ์‚ฌ์šฉํ•˜์‹œ๊ฑฐ๋‚˜ ํ•œ๋ฒˆ์ฏค์€ ๊ผญ ๋“ค์–ด๋ดค์„๊ฑฐ๋ผ ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. Dock ์–ดํ”Œ์ด ์•„๋‹ˆ์—ฌ๋„ xfce ํŒจ๋„์ด๋ผ๋˜์ง€, ์œ ๋‹ˆํ‹ฐ์˜ ๊ธฐ๋ณธ dock gnome3์˜ dash dock ๋“ฑ ์ž์—ฐ์Šค๋Ÿฝ๊ฒŒ ์ ‘ํ•˜๊ฒŒ ๋˜์–ด์žˆ์ฃ .

Read More

[LINUX] How to install xfce on blackarch linux

  • ~1 min read

๊ฐœ์ธ์ ์œผ๋กœ gnome๊ณผ xfce๋ฅผ ์ข‹์•„ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ์ค‘์—์„œ๋„ xfce๋ฅผ ์ตœ๊ณ ๋กœ ์ƒ๊ฐํ•˜๋Š”๋ฐ, ๊ทธ ์ด์œ ๋Š” ํด๋ž˜์‹์˜ ์ต์ˆ™ํ•œ ๋Š๋‚Œ๊ณผ ๋น ๋ฅธ ์†๋„ ๋•Œ๋ฌธ์ด์ฃ .

Read More

[LINUX] BlackArch Linux install tip!

  • 1 min read

์ตœ๊ทผ์— OS ๋ฐฐํฌํŒ ๋ณ€๊ฒฝ์„ ์‹œ๋„ํ–ˆ๋‹ค๊ฐ€.. ๋‹ค์‹œ Debian์œผ๋กœ ๋Œ์•„์™”๋Š”๋ฐ์š” (์ด์ œ๋Š” 5์ผ์”ฉ ๋ฐค์„์ƒ ์ˆ˜ ์—†๋„ค์š”.. / ์ธ๊ฐ„์€ ์‹ค์ˆ˜๋ฅผ ๋ฐ˜๋ณตํ•˜์ฃ )

Read More

[HACKING] KALI Linux 2017.2 Release Review (๋ฌด์—‡์ด ๋‹ฌ๋ผ์กŒ์„๊นŒ์š”?)

  • 1 min read

์ง€๋‚œ ์ฃผ ์ˆ˜์š”์ผ Pentesting OS์ธ Kali Linux์˜ 2017.2 ๋ฒ„์ „์ด Release ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ค‘๊ตญ์— ์žˆ์—ˆ๋˜์ง€๋ผ ์ด์ œ์•ผ ์†Œ์‹์„ ์ ‘ํ•˜๊ฒŒ ๋˜์—ˆ๋„ค์š”. ๊ฐ„๋‹จํ•˜๊ฒŒ ๋ฆฌ๋ทฐ ๋“ค์–ด๊ฐ‘๋‹ˆ๋‹ค.

Read More

[WEB HACKING] New attack vectors in SSRF(Server-Side Request Forgery) with URL Parser

  • 5 min read

Blackhat 2017 USA ์ž๋ฃŒ๋ฅผ ๋ณด๋˜ ์ค‘ ํ•˜๋‚˜ ํฅ๋ฏธ๋กœ์šด ๋ฐœํ‘œ ์ž๋ฃŒ๋ฅผ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ฝ๊ณ  ํ…Œ์ŠคํŠธํ•ด๋ณด๋‹ˆ.. ์‹ค๋ฌด์—์„œ ๋ฐ”๋กœ ์“ธ ์ˆ˜ ์žˆ์„์ •๋„์˜ ๊ธฐ๋ฒ•์ด๋”๊ตฐ์š”.

Read More

Metasploit ipknock๋ฅผ ์ด์šฉํ•œ hidden meterpreter shell

  • 6 min read

metasploit์—์„œ payload์— ๋Œ€ํ•ด ์ฐพ์•„๋ณด๋˜ ์ค‘ ipknock์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ฐพ์•„๋ณด๋‹ˆ ์˜ค๋ž˜์ „๋ถ€ํ„ฐ ์žˆ๋˜ ๊ธฐ๋Šฅ์ด์˜€๋Š”๋ฐ, ์ž˜ ํ™œ์šฉํ•˜๋ฉด ์žฌ๋ฏธ์žˆ๋Š” ๋†€๊ฑฐ๋ฆฌ๊ฐ€ ๋˜๊ฒ ๋”๊ตฐ์š”.

Read More

[EXPLOIT] Struts2 REST Plugin XStream RCE ์ทจ์•ฝ์  ๋ถ„์„(feat msf) CVE-2017-9805 / S2-052

  • 2 min read

์ตœ๊ทผ Sturts2 RCE ์ทจ์•ฝ์ ์ด ๋˜ ๋‚˜์™€ ์ด์Šˆ๊ฐ€ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋งค๋ฒˆ RCE ์ทจ์•ฝ์ ์œผ๋กœ ๊ณ ์ƒํ•˜๋Š”๊ฑฐ๋ณด๋ฉด ์•ˆ์“ฐ๋Ÿฝ๊ธฐ๊นŒ์ง€ ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ๋”ฐ๋ˆ๋”ฐ๋ˆํ•œ CVE-2017-9805(REST Plugin XStream RCE) ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ธฐ์กด ๋ถ„์„์— ๋น„ํ•ด ๋‚ด์šฉ์ด ๋œ ์ž์„ธํ•˜๊ธด ํ•˜์ง€๋งŒ.. ์กฐ๊ธˆ์ด๋‚˜๋งˆ ์ดํ•ด์— ๋„์›€์ด ๋˜๊ธธ ๋ฐ”๋ผ๋„ค์š”.

Read More

Metasploit ์˜ rhosts์—์„œ Column/Tagging ์ปค์Šคํ„ฐ๋งˆ์ด์ง• ํ•˜๊ธฐ

  • 3 min read

Metasploit์—์„œ hosts ๋ช…๋ น์€ ์•„์ฃผ ์ค‘์š”ํ•œ ๋ช…๋ น์ž…๋‹ˆ๋‹ค. ํƒ€๊ฒŸ์— ๋Œ€ํ•œ ๊ด€๋ฆฌ๋ถ€ํ„ฐ, exploit ์‹œ ์ข€ ๋” ํŽธํ•˜๊ฒŒ ํƒ€๊ฒŸ์„ RHOSTS์— ๋„ฃ์„ ์ˆ˜ ์žˆ์–ด ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๊ณ , ์•ž์œผ๋กœ๋„ ์ญ‰ ์‚ฌ์šฉํ•  ์ˆ˜ ๋ฐ–์— ์—†๋Š” ๊ธฐ๋Šฅ์ด์ฃ .

Read More