Hi๐Ÿ‘‹๐Ÿผ Iโ€™m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 76 of 86

NMAP Part2 - NSE(Nmap Script Engine)์„ ์ด์šฉํ•œ ์ทจ์•ฝ์  ์Šค์บ๋‹

  • 2 min read

Nmap script ์ธ NSE๋Š” nmap์„ ํ†ตํ•ด ๋„คํŠธ์›Œํฌ ์Šค์บ”์„ ์ง„ํ–‰ํ•˜๊ฑฐ๋‚˜, ์ทจ์•ฝ์  ์ง„๋‹จ์„ ์ˆ˜ํ–‰ํ•  ๋•Œ ์œ ์šฉํ•˜๊ฒŒ ์“ฐ์ผ ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ์ž…๋‹ˆ๋‹ค. Lua๋กœ ์ž‘์„ฑ๋˜์–ด ์žˆ์œผ๋ฉฐ nmap์„ ํ†ตํ•ด ํฌํŠธ์Šค์บ”, ๋„คํŠธ์›Œํฌ ์ ‘๊ทผ ์ด์™ธ์—๋„ ๋” ๋„“์€ ๋ฒ”์œ„์˜ ํ…Œ์ŠคํŠธ๋ฅผ ์ง€์›ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ NSE์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Read More

nmap์„ ์ด์šฉํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋„คํŠธ์›Œํฌ ์Šค์บ” ๊ธฐ๋ฒ• ์‚ดํŽด๋ณด๊ธฐ

  • 3 min read

๋„คํŠธ์›Œํฌ๋ฅผ ์Šค์บ”ํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ๊ฐ€์žฅ ์œ ๋ช…ํ•˜๊ณ  ๋Œ€ํ‘œ์ ์ธ nmap์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ์ •๋ฆฌํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Read More

Arachni - Web application security scanner framework

  • 1 min read

๋งŽ์€ WVS(Web Vulnerability Scanner) ์ค‘ ์˜คํ”ˆ์†Œ์Šค ํ”„๋ ˆ์ž„์›Œํฌ์ธ Arachni์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ํ…Œ์ŠคํŠธ ํ•˜์˜€๊ณ , ๋ฌด๋‚œํ•˜๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„ ๊ฒƒ ๊ฐ™์•„ ์ •๋ฆฌํ•ฉ๋‹ˆ๋‹ค.

Read More

[DEBIAN] w3m/lynx :: Linux text base web browser(๋ฆฌ๋ˆ…์Šค ํ…์ŠคํŠธ ๋ธŒ๋ผ์šฐ์ €)

  • ~1 min read

์ œ์ž‘๋…„์ฏค์ธ๊ฐ€์š”.. ํ•œ๋•Œ ํ…์ŠคํŠธ ๋ธŒ๋ผ์šฐ์ €๋ฅผ ์ž ๊น ์ผ์—ˆ๋˜ ์‹œ์ ˆ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ํ‚ค๋ณด๋“œ๋กœ๋งŒ์œผ๋กœ๋„ ์‹ฌํ”Œํ•˜๊ฒŒ ์›น์„ ํƒ์ƒ‰ํ•  ์ˆ˜ ์žˆ์–ด ์ข‹์•˜์ง€๋งŒ, ์ตœ๊ทผ ํ™”๋ คํ•˜๊ณ  ์ปจํ…์ธ ๊ฐ€ ๋งŽ์€ ์›น์˜ ํ˜•ํƒœ์—๋Š” ์•ฝ๊ฐ„ ์–ด์šธ๋ฆฌ๊ธฐ ํž˜๋“  ๋ถ€๋ถ„๋„ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Read More

MSF์˜ local_exploit_suggester ๋ชจ๋“ˆ์„ ์ด์šฉํ•œ Local Exploit ์ฐพ๊ธฐ

  • 2 min read

Metasploit์„ ํ†ตํ•ด ๋Œ€์ƒ ์‹œ์Šคํ…œ์— ์นจํˆฌํ–ˆ์„ ๊ฒฝ์šฐ ์šฐ๋ฆฌ๋Š” ๊ถŒํ•œ ์ƒ์Šน์„ ์œ„ํ•ด Local ์ทจ์•ฝ์ ์„ ์ฐพ๊ธฐ ์œ„ํ•ด ๋…ธ๋ ฅํ•  ๊ฒƒ์ž…๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ทจ์•ฝํ•œ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์ด ๋ˆˆ์— ์ž˜ ๋„์ง€๋Š” ์•Š์ง€๋งŒ์š”. Meterpreter Shell์—์„œ ์‚ฌ์šฉ๊ฐ€๋Šฅํ•œ ๋ชจ๋“ˆ ์ค‘ ์ด๋Ÿฌํ•œ ๊ณผ์ •์„ ์ž๋™ํ™”ํ•ด์ค€ ๋ชจ๋“ˆ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ local_exploit_suggester ์ธ๋ฐ์š”, ์˜ค๋Š˜์€ ์ด ๋ชจ๋“ˆ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Read More

[HACKING] steghide๋ฅผ ์ด์šฉํ•œ Steganography(Embed/Extract Steganography with steghide)

  • 6 min read

Steganography์™€ steghide

Steganography Steganography (US Listeni/หŒstษ›.ษกษ™หˆnษ”ห.ษกrษ™.fi/, UK /หŒstษ›ษก.ษ™หˆnษ’ษก.rษ™.fi/) is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography combines the Greek words steganos (ฯƒฯ„ฮตฮณฮฑฮฝฯŒฯ‚), meaning โ€œcovered, concealed, or protectedโ€, and graphein (ฮณฯฮฌฯ†ฮตฮนฮฝ) meaning โ€œwritingโ€.

Read More

[METASPLOIT] Default Shell์„ Meterpreter Shell๋กœ ์—…๊ทธ๋ ˆ์ด๋“œํ•˜๊ธฐ(Nomal Shell to Meterpreter shell)

  • 1 min read

Metasploit ๋ชจ๋“ˆ ์ค‘ shell_to_meterpreter๋ผ๋Š” POST ๋ชจ๋“ˆ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ด ๋ชจ๋“ˆ์„ ์ด์šฉํ•ด์„œ reverse_tcp, bind_tcp ๋“ฑ ์ผ๋ฐ˜ ์‰˜์„ meterpreter shell๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Read More

SQLNinja๋ฅผ ์ด์šฉํ•œ SQL Injection ํ…Œ์ŠคํŒ…

  • 2 min read

SQL NINJA๋ž€?

SqlMap๊ณผ ํ•จ๊ป˜ SQL Injection Testing ๋„๊ตฌ๋กœ ์œ ๋ช…ํ•œ ํˆด์ž…๋‹ˆ๋‹ค. perl ๊ธฐ๋ฐ˜์œผ๋กœ ์ œ์ž‘๋˜์—ˆ์œผ๋ฉฐ, Kali Default Tool์—๋„ ํฌํ•จ๋  ๋งŒํผ ์ข‹์€ ์„ฑ๋Šฅ์„ ์ž๋ž‘ํ•˜์ง€์š”.

Read More

[SYSTEM HACKING] Remote NFS Mount ๋ฐ Metasploit nfs/nfsmount ๋ชจ๋“ˆ์„ ์ด์šฉํ•œ NFS Scan/Access

  • 1 min read

Mount ๋ช…๋ น์„ ์ด์šฉํ•œ Remote NFS Mount

Linux, Unix ๋“ฑ์—์„œ HDD,USB ๋“ฑ์„ ์‚ฌ์šฉํ•˜๊ธฐ ์œ„ํ•ด์„œ๋Š” mount๋ฅผ ํ†ตํ•ด OS์™€ ํ•ด๋‹น ๋“œ๋ผ์ด๋ธŒ๋ฅผ ์—ฐ๊ฒฐ์‹œ์ผœ์ฃผ๋Š” ์ž‘์—…์ด ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค. ๋žฉํ†ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” Linux๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ ๋“œ๋ผ์ด๋ธŒ ์—ฐ๊ฒฐ ์‹œ ์ž๋™์œผ๋กœ mount ํ•˜๋Š” ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์ง€์š”.

Read More