X1r0z BlogWeb Security at X1cT34m and Nu1L Teamhttps://exp10it.io/OpenShell: Ripgrep Command Injection in OpenCode Web UIhttps://exp10it.io/posts/openshell-ripgrep-command-injection-in-opencode-web-ui/https://exp10it.io/posts/openshell-ripgrep-command-injection-in-opencode-web-ui/OpenShell: Ripgrep Command Injection in OpenCode Web UIMon, 27 Apr 2026 00:00:00 GMTAttack Surface Analysis of Cursorhttps://exp10it.io/posts/attack-surface-analysis-of-cursor/https://exp10it.io/posts/attack-surface-analysis-of-cursor/Cursor 攻击面分析Thu, 22 Jan 2026 00:00:00 GMTAttack Surface Analysis of Claude Codehttps://exp10it.io/posts/attack-surface-analysis-of-claude-code/https://exp10it.io/posts/attack-surface-analysis-of-claude-code/Claude Code 攻击面分析Thu, 01 Jan 2026 00:00:00 GMTExploring MCP Security Riskshttps://exp10it.io/posts/exploring-mcp-security-risks/https://exp10it.io/posts/exploring-mcp-security-risks/MCP 安全风险初探Tue, 30 Dec 2025 00:00:00 GMTBreaking Raft Consensus in Go: N1SAML Writeup for N1CTF 2025https://exp10it.io/posts/breaking-raft-consensus-in-go-n1saml-writeup-for-n1ctf-2025/https://exp10it.io/posts/breaking-raft-consensus-in-go-n1saml-writeup-for-n1ctf-2025/Breaking Raft Consensus in Go: N1SAML Writeup for N1CTF 2025Sun, 02 Nov 2025 00:00:00 GMTHacking GraalVM Espresso: Abusing Continuation API to Make ROP-Like Attackhttps://exp10it.io/posts/hacking-graalvm-espresso-abusing-continuation-api-to-make-rop-like-attack/https://exp10it.io/posts/hacking-graalvm-espresso-abusing-continuation-api-to-make-rop-like-attack/Hacking GraalVM Espresso: Abusing Continuation API to Make ROP-Like AttackSat, 23 Aug 2025 00:00:00 GMTNCTF 2024 Web 出题小记https://exp10it.io/posts/nctf-2024-web-writeup/https://exp10it.io/posts/nctf-2024-web-writeup/NCTF 2024 Web 出题小记Mon, 24 Mar 2025 00:00:00 GMTH2 RCE 在 JRE 17 环境下的利用https://exp10it.io/posts/h2-rce-in-jre-17/https://exp10it.io/posts/h2-rce-in-jre-17/H2 RCE 在 JRE 17 环境下的利用Mon, 24 Mar 2025 00:00:00 GMT击碎共识: 从 Raft Leader 劫持到分布式系统接管https://exp10it.io/posts/breaking-consensus-from-raft-leader-hijacking-to-distributed-system-takeover/https://exp10it.io/posts/breaking-consensus-from-raft-leader-hijacking-to-distributed-system-takeover/击碎共识: 从 Raft Leader 劫持到分布式系统接管Mon, 03 Mar 2025 00:00:00 GMTHITCON Training Pwn Writeuphttps://exp10it.io/posts/hitcon-training-pwn-writeup/https://exp10it.io/posts/hitcon-training-pwn-writeup/HITCON Training Pwn WriteupTue, 12 Nov 2024 00:00:00 GMT0xGame 2024 Pwn Writeuphttps://exp10it.io/posts/0xgame-2024-pwn-writeup/https://exp10it.io/posts/0xgame-2024-pwn-writeup/0xGame 2024 Pwn WriteupWed, 06 Nov 2024 00:00:00 GMTNTUSTISC Pwn Basic Writeuphttps://exp10it.io/posts/ntustisc-pwn-basic-writeup/https://exp10it.io/posts/ntustisc-pwn-basic-writeup/NTUSTISC Pwn Basic WriteupMon, 28 Oct 2024 00:00:00 GMTBlackHat MEA CTF 2024 Quals Web Writeuphttps://exp10it.io/posts/blackhat-mea-ctf-2024-quals-web-writeup/https://exp10it.io/posts/blackhat-mea-ctf-2024-quals-web-writeup/BlackHat MEA CTF 2024 Quals Web WriteupThu, 05 Sep 2024 00:00:00 GMT巅峰极客 2024 初赛 Web Writeuphttps://exp10it.io/posts/dfjk-2024-preliminary-web-writeup/https://exp10it.io/posts/dfjk-2024-preliminary-web-writeup/巅峰极客 2024 初赛 Web WriteupThu, 22 Aug 2024 00:00:00 GMT通过 Java Fuzzing 挖掘 Nexus Repository 3 目录穿越漏洞 (CVE-2024-4956)https://exp10it.io/posts/java-fuzzing-discover-nexus-repository-3-path-traversal-cve-2024-4956/https://exp10it.io/posts/java-fuzzing-discover-nexus-repository-3-path-traversal-cve-2024-4956/通过 Java Fuzzing 挖掘 Nexus Repository 3 目录穿越漏洞 (CVE-2024-4956)Mon, 27 May 2024 00:00:00 GMTEthernaut Writeuphttps://exp10it.io/posts/ethernaut-writeup/https://exp10it.io/posts/ethernaut-writeup/Ethernaut WriteupMon, 22 Apr 2024 00:00:00 GMTSolarWinds Security Event Manager AMF 反序列化 RCE (CVE-2024-0692)https://exp10it.io/posts/solarwinds-security-event-manager-amf-deserialization-rce-cve-2024-0692/https://exp10it.io/posts/solarwinds-security-event-manager-amf-deserialization-rce-cve-2024-0692/SolarWinds Security Event Manager AMF 反序列化 RCE (CVE-2024-0692)Tue, 05 Mar 2024 00:00:00 GMTHessian UTF-8 Overlong Encodinghttps://exp10it.io/posts/hessian-utf-8-overlong-encoding/https://exp10it.io/posts/hessian-utf-8-overlong-encoding/Hessian UTF-8 Overlong EncodingWed, 28 Feb 2024 00:00:00 GMTdotnet ObjRef Gadget 分析https://exp10it.io/posts/dotnet-objref-rogue-remoting-server-analysis/https://exp10it.io/posts/dotnet-objref-rogue-remoting-server-analysis/dotnet ObjRef Gadget 分析Wed, 14 Feb 2024 00:00:00 GMTdotnet New Deserialization Gadgetshttps://exp10it.io/posts/dotnet-new-deserialization-gadgets/https://exp10it.io/posts/dotnet-new-deserialization-gadgets/dotnet New Deserialization GadgetsMon, 12 Feb 2024 00:00:00 GMTdotnet Insecure Serializationhttps://exp10it.io/posts/dotnet-insecure-serialization/https://exp10it.io/posts/dotnet-insecure-serialization/dotnet Insecure SerializationSun, 11 Feb 2024 00:00:00 GMTdotnet SerializationBinder 绕过https://exp10it.io/posts/dotnet-serialization-binder-bypass/https://exp10it.io/posts/dotnet-serialization-binder-bypass/dotnet SerializationBinder 绕过Thu, 08 Feb 2024 00:00:00 GMTASP.NET ViewState 反序列化https://exp10it.io/posts/asp-net-viewstate-deserialization/https://exp10it.io/posts/asp-net-viewstate-deserialization/ASP.NET ViewState 反序列化Wed, 07 Feb 2024 00:00:00 GMTASP.NET 内存马https://exp10it.io/posts/asp-net-memory-shell/https://exp10it.io/posts/asp-net-memory-shell/ASP.NET 内存马 (Filter/Route/HttpListener/VirtualPath)Tue, 06 Feb 2024 00:00:00 GMTN1CTF Junior 2024 Web Official Writeuphttps://exp10it.io/posts/n1ctf-junior-2024-web-official-writeup/https://exp10it.io/posts/n1ctf-junior-2024-web-official-writeup/N1CTF Junior 2024 Web Official WriteupMon, 05 Feb 2024 00:00:00 GMTRWCTF 2024 体验赛 Writeuphttps://exp10it.io/posts/rwctf-2024-junior-writeup/https://exp10it.io/posts/rwctf-2024-junior-writeup/RWCTF 2024 体验赛 WriteupThu, 01 Feb 2024 00:00:00 GMTNCTF 2023 Web Official Writeuphttps://exp10it.io/posts/nctf-2023-web-official-writeup/https://exp10it.io/posts/nctf-2023-web-official-writeup/NCTF 2023 Web Official WriteupMon, 25 Dec 2023 00:00:00 GMTTCTF 2022 Final Web Writeuphttps://exp10it.io/posts/tctf-2022-final-web-writeup/https://exp10it.io/posts/tctf-2022-final-web-writeup/TCTF 2022 Final (RisingStar) Web WriteupMon, 11 Dec 2023 00:00:00 GMT2023 京麒 CTF ez_oracle Writeuphttps://exp10it.io/posts/2023-jqctf-ez-oracle-writeup/https://exp10it.io/posts/2023-jqctf-ez-oracle-writeup/2023 京麒 CTF ez_oracle WriteupSun, 03 Dec 2023 00:00:00 GMTBlack Hat MEA CTF 2023 Web Writeuphttps://exp10it.io/posts/blackhat-mea-ctf-2023-web-writeup/https://exp10it.io/posts/blackhat-mea-ctf-2023-web-writeup/Black Hat MEA CTF 2023 Web WriteupFri, 24 Nov 2023 00:00:00 GMT2023 鹏城杯 Web Writeuphttps://exp10it.io/posts/2023-pengcheng-cup-web-writeup/https://exp10it.io/posts/2023-pengcheng-cup-web-writeup/2023 鹏城杯 Web WriteupSat, 04 Nov 2023 00:00:00 GMT0xGame 2023 Web Official Writeuphttps://exp10it.io/posts/0xgame-2023-web-official-writeup/https://exp10it.io/posts/0xgame-2023-web-official-writeup/0xGame 2023 Web Official WriteupThu, 02 Nov 2023 00:00:00 GMTWordPress Core RCE Gadget 分析https://exp10it.io/posts/wordpress-core-rce-gadget-analysis/https://exp10it.io/posts/wordpress-core-rce-gadget-analysis/WordPress Core RCE Gadget 分析Thu, 26 Oct 2023 00:00:00 GMTApache ActiveMQ (版本 < 5.18.3) RCE 分析https://exp10it.io/posts/apache-activemq-version-5-18-3-rce-analysis/https://exp10it.io/posts/apache-activemq-version-5-18-3-rce-analysis/Apache ActiveMQ (版本 < 5.18.3) RCE 分析Wed, 25 Oct 2023 00:00:00 GMTSpring AMQP 反序列化漏洞 (CVE-2023-34050) 分析https://exp10it.io/posts/spring-amqp-deserialization-cve-2023-34050-analysis/https://exp10it.io/posts/spring-amqp-deserialization-cve-2023-34050-analysis/Spring AMQP 反序列化漏洞 (CVE-2023-34050) 分析Fri, 20 Oct 2023 00:00:00 GMT2023 中华武术杯 Web Writeuphttps://exp10it.io/posts/2023-zhonghuawushu-cup-web-writeup/https://exp10it.io/posts/2023-zhonghuawushu-cup-web-writeup/2023 中华武术杯 Web Writeup (AWDP + 靶场)Tue, 17 Oct 2023 00:00:00 GMTAtlassian Confluence CVE-2023-22515 分析https://exp10it.io/posts/atlassian-confluence-cve-2023-22515-analysis/https://exp10it.io/posts/atlassian-confluence-cve-2023-22515-analysis/Atlassian Confluence CVE-2023-22515 分析以及一种 RCE? 方式Thu, 12 Oct 2023 00:00:00 GMTJumpServer 伪随机数密码重置漏洞 (CVE-2023-42820) 分析https://exp10it.io/posts/jumpserver-pesudo-random-number-password-reset-cve-2023-42820-analysis/https://exp10it.io/posts/jumpserver-pesudo-random-number-password-reset-cve-2023-42820-analysis/JumpServer 伪随机数密码重置漏洞 (CVE-2023-42820) 分析以及自动化利用Wed, 04 Oct 2023 00:00:00 GMT春秋云镜 2022 网鼎杯半决赛复盘 Writeuphttps://exp10it.io/posts/chunqiuyunjing-2022-wangding-cup-semi-final-writeup/https://exp10it.io/posts/chunqiuyunjing-2022-wangding-cup-semi-final-writeup/春秋云镜 2022 网鼎杯半决赛复盘 WriteupSun, 20 Aug 2023 00:00:00 GMT春秋云镜 Flarum Writeuphttps://exp10it.io/posts/chunqiuyunjing-flarum-writeup/https://exp10it.io/posts/chunqiuyunjing-flarum-writeup/春秋云镜 Flarum WriteupSat, 19 Aug 2023 00:00:00 GMT春秋云镜 Privilege Writeuphttps://exp10it.io/posts/chunqiuyunjing-privilege-writeup/https://exp10it.io/posts/chunqiuyunjing-privilege-writeup/春秋云镜 Privilege WriteupFri, 18 Aug 2023 00:00:00 GMT春秋云镜 Delivery Writeuphttps://exp10it.io/posts/chunqiuyunjing-delivery-writeup/https://exp10it.io/posts/chunqiuyunjing-delivery-writeup/春秋云镜 Delivery WriteupThu, 17 Aug 2023 00:00:00 GMT春秋云镜 Spoofing Writeuphttps://exp10it.io/posts/chunqiuyunjing-spoofing-writeup/https://exp10it.io/posts/chunqiuyunjing-spoofing-writeup/春秋云镜 Spoofing WriteupWed, 16 Aug 2023 00:00:00 GMT春秋云镜 Delegation Writeuphttps://exp10it.io/posts/chunqiuyunjing-delegation-writeup/https://exp10it.io/posts/chunqiuyunjing-delegation-writeup/春秋云镜 Delegation WriteupThu, 10 Aug 2023 00:00:00 GMT春秋云镜 Exchange Writeuphttps://exp10it.io/posts/chunqiuyunjing-exchange-writeup/https://exp10it.io/posts/chunqiuyunjing-exchange-writeup/春秋云镜 Exchange WriteupWed, 09 Aug 2023 00:00:00 GMT春秋云镜 Certify Writeuphttps://exp10it.io/posts/chunqiuyunjing-certify-writeup/https://exp10it.io/posts/chunqiuyunjing-certify-writeup/春秋云镜 Certify WriteupSat, 05 Aug 2023 00:00:00 GMT春秋云镜 Brute4Road Writeuphttps://exp10it.io/posts/chunqiuyunjing-brute4road-writeup/https://exp10it.io/posts/chunqiuyunjing-brute4road-writeup/春秋云镜 Brute4Road WriteupFri, 04 Aug 2023 00:00:00 GMT春秋云镜 Time Writeuphttps://exp10it.io/posts/chunqiuyunjing-time-writeup/https://exp10it.io/posts/chunqiuyunjing-time-writeup/春秋云镜 Time WriteupWed, 02 Aug 2023 00:00:00 GMT基于资源的约束委派 (RBCD) 利用总结https://exp10it.io/posts/resource-based-constrained-delegation-attack-summary/https://exp10it.io/posts/resource-based-constrained-delegation-attack-summary/RBCD 常见利用方法以及在 Relay 攻击中的应用Tue, 01 Aug 2023 00:00:00 GMT春秋云镜 Tsclient Writeuphttps://exp10it.io/posts/chunqiuyunjing-tsclient-writeup/https://exp10it.io/posts/chunqiuyunjing-tsclient-writeup/春秋云镜 Tsclient WriteupSun, 30 Jul 2023 00:00:00 GMT春秋云镜 Initial Writeuphttps://exp10it.io/posts/chunqiuyunjing-initial-writeup/https://exp10it.io/posts/chunqiuyunjing-initial-writeup/春秋云镜 Initial WriteupFri, 28 Jul 2023 00:00:00 GMT2023 CISCN 总决赛 AWD & 渗透 Writeuphttps://exp10it.io/posts/2023-ciscn-final-awd-and-pentest-writeup/https://exp10it.io/posts/2023-ciscn-final-awd-and-pentest-writeup/2023 CISCN 总决赛 AWD & 渗透 WriteupThu, 27 Jul 2023 00:00:00 GMT2023 CISCN 华东北分区赛 Web Writeuphttps://exp10it.io/posts/2023-ciscn-semi-final-web-writeup/https://exp10it.io/posts/2023-ciscn-semi-final-web-writeup/2023 CISCN 华东北分区赛 Web WriteupMon, 26 Jun 2023 00:00:00 GMTNacos JRaft Hessian 反序列化 RCE 分析https://exp10it.io/posts/nacos-jraft-hessian-deserialization-rce-analysis/https://exp10it.io/posts/nacos-jraft-hessian-deserialization-rce-analysis/Nacos JRaft Hessian 反序列化 RCE 分析Tue, 13 Jun 2023 00:00:00 GMT2023 CISCN 初赛 Web Writeuphttps://exp10it.io/posts/2023-ciscn-preliminary-web-writeup/https://exp10it.io/posts/2023-ciscn-preliminary-web-writeup/跟 defcon 时间冲了, 抽空随便打的 (Mon, 29 May 2023 00:00:00 GMTMinIO CVE-2023-28432 & 自更新 RCE 分析https://exp10it.io/posts/minio-cve-2023-28432-self-update-rce-analysis/https://exp10it.io/posts/minio-cve-2023-28432-self-update-rce-analysis/正好最近入坑了 Golang, 做个简单的审计练练手Thu, 11 May 2023 00:00:00 GMTApache Kafka Clients JNDI (CVE-2023-25194) & Druid RCE 分析https://exp10it.io/posts/apache-kafka-client-jndi-cve-2023-25194-druid-rce-analysis/https://exp10it.io/posts/apache-kafka-client-jndi-cve-2023-25194-druid-rce-analysis/Apache Kafka Clients JNDI (CVE-2023-25194) 分析以及在 Apache Druid 环境下的利用Wed, 10 May 2023 00:00:00 GMTHessian CVE-2021-43297 & D3CTF 2023 ezjavahttps://exp10it.io/posts/hessian-cve-2021-43297-d3ctf-2023-ezjava/https://exp10it.io/posts/hessian-cve-2021-43297-d3ctf-2023-ezjava/Hessian CVE-2021-43297 分析以及 D3CTF 2023 ezjava 复现Sun, 07 May 2023 00:00:00 GMT2023 D3CTF Web 部分 Writeuphttps://exp10it.io/posts/2023-d3ctf-web-writeup/https://exp10it.io/posts/2023-d3ctf-web-writeup/2023 D3CTFMon, 01 May 2023 00:00:00 GMT2023 红明谷杯 Web Writeuphttps://exp10it.io/posts/2023-hongminggu-cup-web-writeup/https://exp10it.io/posts/2023-hongminggu-cup-web-writeup/2023 红明谷杯Sun, 30 Apr 2023 00:00:00 GMTTryHackMe K8s 靶机 Writeuphttps://exp10it.io/posts/tryhackme-k8s-writeup/https://exp10it.io/posts/tryhackme-k8s-writeup/TryHackMe K8s 靶机 WriteupThu, 13 Apr 2023 00:00:00 GMTApache Dubbo CVE-2023-23638 分析https://exp10it.io/posts/apache-dubbo-cve-2023-23638-analysis/https://exp10it.io/posts/apache-dubbo-cve-2023-23638-analysis/Apache Dubbo CVE-2023-23638 的另外一种利用方式Sun, 12 Mar 2023 00:00:00 GMTpbctf 2023 XSPS Writeuphttps://exp10it.io/posts/pbctf-2023-xsps-writeup/https://exp10it.io/posts/pbctf-2023-xsps-writeup/人生第一道 xsleaks, 感觉挺有意思的. 不太会写 js 所以痛失一血 ()Mon, 20 Feb 2023 00:00:00 GMTVNCTF 2023 Web 部分 Writeuphttps://exp10it.io/posts/vnctf-2023-web-writeup/https://exp10it.io/posts/vnctf-2023-web-writeup/VNCTF 2023Sun, 19 Feb 2023 00:00:00 GMT对 Thymeleaf SSTI 的一点思考https://exp10it.io/posts/thinking-about-thymeleaf-ssti/https://exp10it.io/posts/thinking-about-thymeleaf-ssti/尝试写点网上没有的东西Wed, 15 Feb 2023 00:00:00 GMTDiceCTF 2023 Web 赛后复现https://exp10it.io/posts/dicectf-2023-web-reproduce/https://exp10it.io/posts/dicectf-2023-web-reproduce/第一次跟 Nu1L 打国际赛, 然后自己被题目虐爆了 (不得不说 Nu1L 的师傅们实在是太强了Wed, 08 Feb 2023 00:00:00 GMTHGAME 2023 Web Writeuphttps://exp10it.io/posts/hgame-2023-web-writeup/https://exp10it.io/posts/hgame-2023-web-writeup/HGAME 2023Tue, 07 Feb 2023 00:00:00 GMT2023 西湖论剑 Web 部分 Writeuphttps://exp10it.io/posts/2023-xihulunjian-web-writeup/https://exp10it.io/posts/2023-xihulunjian-web-writeup/web 差一半, 等官方 wp 吧... 团队整体第二名, 学长们 tqlFri, 03 Feb 2023 00:00:00 GMT2023 N1CTF Junior Web 部分 Writeuphttps://exp10it.io/posts/2023-n1ctf-junior-web-writeup/https://exp10it.io/posts/2023-n1ctf-junior-web-writeup/2023 N1CTF Junior Web 部分 WriteupWed, 01 Feb 2023 00:00:00 GMTBUUCTF Web Writeup 11https://exp10it.io/posts/buuctf-web-writeup-11/https://exp10it.io/posts/buuctf-web-writeup-11/BUUCTF 刷题记录...Sat, 28 Jan 2023 00:00:00 GMTApache Commons Text RCE 漏洞分析https://exp10it.io/posts/apache-commons-text-rce-analysis/https://exp10it.io/posts/apache-commons-text-rce-analysis/Apache Commons Text RCE 漏洞分析Mon, 09 Jan 2023 00:00:00 GMTRWCTF 2023 体验赛 Web Writeuphttps://exp10it.io/posts/rwctf-2023-junior-web-writeup/https://exp10it.io/posts/rwctf-2023-junior-web-writeup/Real World CTF 正赛打不动了过来打体验赛 (Sun, 08 Jan 2023 00:00:00 GMTJava Agent 内存马https://exp10it.io/posts/java-agent-memory-shell/https://exp10it.io/posts/java-agent-memory-shell/Java Agent 内存马学习Wed, 04 Jan 2023 00:00:00 GMTJNDI 注入浅析https://exp10it.io/posts/jndi-injection/https://exp10it.io/posts/jndi-injection/JNDI 注入学习笔记Sun, 25 Dec 2022 00:00:00 GMTBUUCTF Web Writeup 10https://exp10it.io/posts/buuctf-web-writeup-10/https://exp10it.io/posts/buuctf-web-writeup-10/BUUCTF 刷题记录...Sat, 24 Dec 2022 00:00:00 GMTBUUCTF Web Writeup 9https://exp10it.io/posts/buuctf-web-writeup-9/https://exp10it.io/posts/buuctf-web-writeup-9/BUUCTF 刷题记录...Wed, 21 Dec 2022 00:00:00 GMTShiro-550 反序列化分析https://exp10it.io/posts/shiro-550-deserialization/https://exp10it.io/posts/shiro-550-deserialization/Shiro-550 反序列化原理分析, 以及无数组 CommonsCollections 链和 CommonsBeanutils 利用链的构造Sun, 18 Dec 2022 00:00:00 GMTJDK7u21 反序列化分析https://exp10it.io/posts/jdk-7u21-deserialization/https://exp10it.io/posts/jdk-7u21-deserialization/以及一种可能是新的构造方式?Sat, 17 Dec 2022 00:00:00 GMT2022 安洵杯决赛线上 AWD 小记https://exp10it.io/posts/2022-anxun-cup-final-online-awd-note/https://exp10it.io/posts/2022-anxun-cup-final-online-awd-note/第一次打 awd, 然后被按在地上摩擦... 最后跟着队友混了个二等奖Thu, 15 Dec 2022 00:00:00 GMTRCTF 2022 Web 赛后复现https://exp10it.io/posts/rctf-2022-web-reproduce/https://exp10it.io/posts/rctf-2022-web-reproduce/最近疫情严重, rctf 看了两题就收拾行李回家去了... 赛后趁着环境没关赶紧复现一下Tue, 13 Dec 2022 00:00:00 GMTNCTF 2022 Web Writeuphttps://exp10it.io/posts/nctf-2022-web-writeup/https://exp10it.io/posts/nctf-2022-web-writeup/被队友们带飞了, 最后总榜第十 校内第二Mon, 05 Dec 2022 00:00:00 GMT2022 安洵杯 Web Writeuphttps://exp10it.io/posts/2022-anxun-cup-web-writeup/https://exp10it.io/posts/2022-anxun-cup-web-writeup/被学长们带飞了Mon, 28 Nov 2022 00:00:00 GMTBUUCTF Web Writeup 8https://exp10it.io/posts/buuctf-web-writeup-8/https://exp10it.io/posts/buuctf-web-writeup-8/BUUCTF 刷题记录...Thu, 24 Nov 2022 00:00:00 GMTCommonsCollections 反序列化分析https://exp10it.io/posts/commons-collections-deserialization/https://exp10it.io/posts/commons-collections-deserialization/CommonsCollections 反序列化分析, 鸽了好久了Wed, 23 Nov 2022 00:00:00 GMTJava RMI 安全https://exp10it.io/posts/java-rmi-security/https://exp10it.io/posts/java-rmi-security/Java RMI 安全Sun, 20 Nov 2022 00:00:00 GMTNCTF 2021 Web 部分复现https://exp10it.io/posts/nctf-2021-web-reproduce/https://exp10it.io/posts/nctf-2021-web-reproduce/今年 nctf 快要开始了, 做做去年的题. 看了 wp 之后发现自己对前端安全还是不太熟, 太菜了呜呜Sat, 19 Nov 2022 00:00:00 GMTBUUCTF Web Writeup 7https://exp10it.io/posts/buuctf-web-writeup-7/https://exp10it.io/posts/buuctf-web-writeup-7/BUUCTF 刷题记录...Fri, 11 Nov 2022 00:00:00 GMTROME 反序列化分析https://exp10it.io/posts/rome-deserialization/https://exp10it.io/posts/rome-deserialization/之前打 ctf 遇到的, 顺带写一下吧Tue, 08 Nov 2022 00:00:00 GMTJava ClassLoaderhttps://exp10it.io/posts/java-classloader/https://exp10it.io/posts/java-classloader/利用 ClassLoader 动态加载 Java 字节码Mon, 07 Nov 2022 00:00:00 GMTTomcat Listener 型内存马分析https://exp10it.io/posts/tomcat-listener-memory-shell/https://exp10it.io/posts/tomcat-listener-memory-shell/Tomcat Listener 型内存马Sun, 06 Nov 2022 00:00:00 GMTTomcat Filter 型内存马分析https://exp10it.io/posts/tomcat-filter-memory-shell/https://exp10it.io/posts/tomcat-filter-memory-shell/Tomcat Filter 型内存马Sat, 05 Nov 2022 00:00:00 GMTJava Servlet 基础https://exp10it.io/posts/java-servlet-basic/https://exp10it.io/posts/java-servlet-basic/Java Servlet 基础Thu, 03 Nov 2022 00:00:00 GMTBUUCTF Web Writeup 6https://exp10it.io/posts/buuctf-web-writeup-6/https://exp10it.io/posts/buuctf-web-writeup-6/BUUCTF 刷题记录...Wed, 02 Nov 2022 00:00:00 GMT2022 祥云杯 Web Writeuphttps://exp10it.io/posts/2022-xiangyun-cup-web-writeup/https://exp10it.io/posts/2022-xiangyun-cup-web-writeup/看了两天的 Token is invalid ...Mon, 31 Oct 2022 00:00:00 GMT0xGame 2022 Writeuphttps://exp10it.io/posts/0xgame-2022-writeup/https://exp10it.io/posts/0xgame-2022-writeup/0xGame 2022 WriteupSun, 30 Oct 2022 00:00:00 GMT2022 HNCTF Web Writeuphttps://exp10it.io/posts/2022-hnctf-web-writeup/https://exp10it.io/posts/2022-hnctf-web-writeup/题目还行Sat, 29 Oct 2022 01:20:40 GMTMoeCTF 2022 Writeuphttps://exp10it.io/posts/moectf-2022-writeup/https://exp10it.io/posts/moectf-2022-writeup/web 的支付系统挺有意思的. 其它方向的题之前也做了点, 后面就懒得写了...Wed, 26 Oct 2022 00:00:00 GMT2022 SWPU NSS 新生赛 Web Writeuphttps://exp10it.io/posts/2022-swpu-nss-junior-web-writeup/https://exp10it.io/posts/2022-swpu-nss-junior-web-writeup/简单题Tue, 25 Oct 2022 01:20:52 GMTDASCTF 2022 十月赛 Web Writeuphttps://exp10it.io/posts/dasctf-2022-october-web-writeup/https://exp10it.io/posts/dasctf-2022-october-web-writeup/被师傅们带飞了, 混了个第三名. 文章最后补充了一些预期解和官方 wpMon, 24 Oct 2022 00:00:00 GMT2022 NewStarCTF Web Writeuphttps://exp10it.io/posts/2022-newstar-ctf-web-writeup/https://exp10it.io/posts/2022-newstar-ctf-web-writeup/题目挺简单的, 但是也学到了一些比较细节的技巧Sun, 23 Oct 2022 01:20:17 GMT2022 ByteCTF Web 部分 Writeuphttps://exp10it.io/posts/2022-bytectf-web-writeup/https://exp10it.io/posts/2022-bytectf-web-writeup/军训没啥时间, 只能赛后自己试着做了一下... 感觉挺难的, 就做出来两道题Thu, 29 Sep 2022 00:00:00 GMT2022 5space Web 部分 Writeuphttps://exp10it.io/posts/2022-5space-web-writeup/https://exp10it.io/posts/2022-5space-web-writeup/5_web_Eeeeasy_SQL 没做出来...Tue, 20 Sep 2022 00:00:00 GMTBUUCTF Web Writeup 5https://exp10it.io/posts/buuctf-web-writeup-5/https://exp10it.io/posts/buuctf-web-writeup-5/BUUCTF 刷题记录...Sun, 18 Sep 2022 23:33:08 GMT2022 MT CTF Web 部分 Writeuphttps://exp10it.io/posts/2022-mt-ctf-web-writeup/https://exp10it.io/posts/2022-mt-ctf-web-writeup/超常发挥了属于是, Web 只有 easyjava 没做出来Sun, 18 Sep 2022 00:22:22 GMTBUUCTF Web Writeup 4https://exp10it.io/posts/buuctf-web-writeup-4/https://exp10it.io/posts/buuctf-web-writeup-4/BUUCTF 刷题记录...Wed, 31 Aug 2022 00:00:00 GMTMySQL 无列名注入的几种方式https://exp10it.io/posts/mysql-no-column-name-isql-injection/https://exp10it.io/posts/mysql-no-column-name-isql-injection/总结一下无列名注入的几种方式Mon, 29 Aug 2022 00:00:00 GMTXXE 总结笔记https://exp10it.io/posts/xxe-note/https://exp10it.io/posts/xxe-note/记录一下常用 xxe payload. 想到啥写啥, 只是一个备忘录Sat, 27 Aug 2022 00:00:00 GMTBUUCTF Web Writeup 3https://exp10it.io/posts/buuctf-web-writeup-3/https://exp10it.io/posts/buuctf-web-writeup-3/BUUCTF 刷题记录...Sat, 27 Aug 2022 00:00:00 GMT2022 网鼎杯青龙组 Web 部分 Writeuphttps://exp10it.io/posts/2022-wangding-cup-qinglong-group-web-writeup/https://exp10it.io/posts/2022-wangding-cup-qinglong-group-web-writeup/web 三道题两道都是 java 呜呜呜Fri, 26 Aug 2022 00:00:00 GMTBUUCTF Web Writeup 2https://exp10it.io/posts/buuctf-web-writeup-2/https://exp10it.io/posts/buuctf-web-writeup-2/BUUCTF 刷题记录...Wed, 24 Aug 2022 00:00:00 GMTPython SSTI 总结笔记https://exp10it.io/posts/python-ssti-note/https://exp10it.io/posts/python-ssti-note/Python SSTI 的总结笔记, 不定期更新Tue, 23 Aug 2022 00:00:00 GMTBUUCTF Web Writeup 1https://exp10it.io/posts/buuctf-web-writeup-1/https://exp10it.io/posts/buuctf-web-writeup-1/BUUCTF 刷题记录...Sun, 21 Aug 2022 00:00:00 GMTPhar 签名的修复与绕过https://exp10it.io/posts/phar-signature-fix-and-bypass/https://exp10it.io/posts/phar-signature-fix-and-bypass/Phar 签名的修复与绕过Sat, 20 Aug 2022 00:00:00 GMTPHP 特性总结笔记https://exp10it.io/posts/php-features-note/https://exp10it.io/posts/php-features-note/知不知道 PHP 语言的含金量啊?Tue, 16 Aug 2022 00:00:00 GMTctfshow Web入门[反序列化] Writeuphttps://exp10it.io/posts/ctfshow-web-deserialization-writeup/https://exp10it.io/posts/ctfshow-web-deserialization-writeup/PHP 和 Python 的反序列化Tue, 16 Aug 2022 00:00:00 GMTctfshow Web入门[PHP特性] web138-150 Writeuphttps://exp10it.io/posts/ctfshow-web-php-138-150-writeup/https://exp10it.io/posts/ctfshow-web-php-138-150-writeup/PHP 特性最后几题, 过几天写个总结. 这次主要是各种函数的利用, 位运算绕过正则, 条件竞争等等Sat, 13 Aug 2022 00:00:00 GMTctfshow Web入门[PHP特性] web111-137 Writeuphttps://exp10it.io/posts/ctfshow-web-php-111-137-writeup/https://exp10it.io/posts/ctfshow-web-php-111-137-writeup/变量覆盖, 无回显命令执行, 相关函数的绕过...Fri, 12 Aug 2022 00:00:00 GMTctfshow Web入门[PHP特性] web89-110 Writeuphttps://exp10it.io/posts/ctfshow-web-php-89-110-writeup/https://exp10it.io/posts/ctfshow-web-php-89-110-writeup/PHP 的相关特性, 例如弱类型, 变量覆盖Wed, 10 Aug 2022 00:00:00 GMTctfshow Web入门[命令执行] web56-77 Writeuphttps://exp10it.io/posts/ctfshow-web-exec-56-77-writeup/https://exp10it.io/posts/ctfshow-web-exec-56-77-writeup/剩下来的命令执行Tue, 09 Aug 2022 00:00:00 GMTctfshow Web入门[命令执行] web29-55 Writeuphttps://exp10it.io/posts/ctfshow-web-exec-29-55-writeup/https://exp10it.io/posts/ctfshow-web-exec-29-55-writeup/命令执行及绕过技巧Mon, 08 Aug 2022 00:00:00 GMTctfshow 七夕杯 Web + OSINT Writeuphttps://exp10it.io/posts/ctfshow-qixi-cup-web-osint-writeup/https://exp10it.io/posts/ctfshow-qixi-cup-web-osint-writeup/ctfshow 七夕杯 Web + OSINT WriteupFri, 05 Aug 2022 00:00:00 GMTctfshow Web入门[文件包含] Writeuphttps://exp10it.io/posts/ctfshow-web-file-include-writeup/https://exp10it.io/posts/ctfshow-web-file-include-writeup/文件包含. 主要考察各种伪协议, 尤其是 php://filterThu, 04 Aug 2022 00:00:00 GMTNSSCTF Round#4 Web Writeuphttps://exp10it.io/posts/nssctf-round-4-web-writeup/https://exp10it.io/posts/nssctf-round-4-web-writeup/NSSCTF Round#4 Web WriteupWed, 03 Aug 2022 00:00:00 GMTctfshow Web入门[文件上传] Writeuphttps://exp10it.io/posts/ctfshow-web-file-upload-writeup/https://exp10it.io/posts/ctfshow-web-file-upload-writeup/常见的上传漏洞Wed, 03 Aug 2022 00:00:00 GMT2022 强网杯 Web 部分 Writeuphttps://exp10it.io/posts/2022-qiangwang-cup-web-writeup/https://exp10it.io/posts/2022-qiangwang-cup-web-writeup/2022 强网杯 Web 部分 WriteupMon, 01 Aug 2022 00:00:00 GMTctfshow Web入门[SQL注入] web198-220 Writeuphttps://exp10it.io/posts/ctfshow-web-sqli-198-220-writeup/https://exp10it.io/posts/ctfshow-web-sqli-198-220-writeup/肝不动了... 盲注挺费时间的Fri, 29 Jul 2022 00:00:00 GMTSQL 盲注二分法https://exp10it.io/posts/blind-sql-injection-dichotomy/https://exp10it.io/posts/blind-sql-injection-dichotomy/SQL 盲注二分法Thu, 28 Jul 2022 00:00:00 GMTctfshow Web入门[SQL注入] web171-197 Writeuphttps://exp10it.io/posts/ctfshow-web-sqli-171-197-writeup/https://exp10it.io/posts/ctfshow-web-sqli-171-197-writeup/肝不动了.... 休息会Mon, 25 Jul 2022 00:00:00 GMTctfshow Web入门[爆破] Writeuphttps://exp10it.io/posts/ctfshow-web-bruteforce-writeup/https://exp10it.io/posts/ctfshow-web-bruteforce-writeup/爆破类, 有个 PHP 伪随机数漏洞的知识点Fri, 22 Jul 2022 00:00:00 GMTCG CTF Web Writeuphttps://exp10it.io/posts/cg-ctf-web-writeup/https://exp10it.io/posts/cg-ctf-web-writeup/CG CTF Web WriteupWed, 20 Jul 2022 00:00:00 GMTCG CTF Web 综合2 Writeuphttps://exp10it.io/posts/cgctf-web-comprehensive-2-writeup/https://exp10it.io/posts/cgctf-web-comprehensive-2-writeup/CG CTF Web 综合2 WriteupWed, 20 Jul 2022 00:00:00 GMTctfshow Web入门[信息搜集] Writeuphttps://exp10it.io/posts/ctfshow-web-info-gather-writeup/https://exp10it.io/posts/ctfshow-web-info-gather-writeup/信息搜集类别, 题目挺简单的, 但是延申的方向很多Wed, 20 Jul 2022 00:00:00 GMTCobalt Strike Malleable C2 配置https://exp10it.io/posts/cobalt-strike-malleable-c2-configuration/https://exp10it.io/posts/cobalt-strike-malleable-c2-configuration/Cobalt Strike Malleable C2 配置Tue, 13 Aug 2019 00:00:00 GMTVBS 无文件执行 ShellCodehttps://exp10it.io/posts/vbs-fileless-shellcode-exec/https://exp10it.io/posts/vbs-fileless-shellcode-exec/VBS 无文件执行 ShellCodeMon, 12 Aug 2019 00:00:00 GMTCobalt Strike 几种不常见的上线方式https://exp10it.io/posts/cobalt-strike-uncommon-beacons/https://exp10it.io/posts/cobalt-strike-uncommon-beacons/Cobalt Strike 几种不常见的上线方式Sun, 11 Aug 2019 00:00:00 GMTWindows DLL 劫持https://exp10it.io/posts/windows-dll-hijacking/https://exp10it.io/posts/windows-dll-hijacking/Windows DLL 劫持Fri, 09 Aug 2019 00:00:00 GMT绕过 360 对 PowerShell 的拦截https://exp10it.io/posts/powershell-bypass-360/https://exp10it.io/posts/powershell-bypass-360/绕过 360 对 PowerShell 的拦截Tue, 06 Aug 2019 00:00:00 GMTC++ ShellCode 加载器https://exp10it.io/posts/cpp-shellcode-loader/https://exp10it.io/posts/cpp-shellcode-loader/C++ ShellCode 加载器Mon, 05 Aug 2019 00:00:00 GMTMeterpreter 流量免杀https://exp10it.io/posts/meterpreter-traffic-bypass/https://exp10it.io/posts/meterpreter-traffic-bypass/Meterpreter 流量免杀Sun, 04 Aug 2019 00:00:00 GMTOffice CVE-2017-11882 复现https://exp10it.io/posts/office-cve-2017-11882/https://exp10it.io/posts/office-cve-2017-11882/Office CVE-2017-11882 复现Sat, 03 Aug 2019 00:00:00 GMTOffice CVE-2017-8570 复现https://exp10it.io/posts/office-cve-2017-8570/https://exp10it.io/posts/office-cve-2017-8570/Office CVE-2017-8570 复现Thu, 01 Aug 2019 00:00:00 GMTOffice CVE-2017-8759 复现https://exp10it.io/posts/office-cve-2017-8759/https://exp10it.io/posts/office-cve-2017-8759/Office CVE-2017-8759 复现Thu, 01 Aug 2019 00:00:00 GMTOffice CVE-2017-0199 复现https://exp10it.io/posts/office-cve-2017-0199/https://exp10it.io/posts/office-cve-2017-0199/Office CVE-2017-0199 复现Wed, 31 Jul 2019 00:00:00 GMTOffice 宏的利用https://exp10it.io/posts/office-macro-attack/https://exp10it.io/posts/office-macro-attack/Office 宏的利用Tue, 30 Jul 2019 00:00:00 GMT带有 HTTP 请求的 CredentialsPhishhttps://exp10it.io/posts/credentials-phish-with-http-request/https://exp10it.io/posts/credentials-phish-with-http-request/带有 HTTP 请求的 CredentialsPhishMon, 29 Jul 2019 00:00:00 GMTMSFvenom 几种不常见的 Payload 格式https://exp10it.io/posts/msfvenom-uncommon-payloads/https://exp10it.io/posts/msfvenom-uncommon-payloads/MSFvenom 几种不常见的 Payload 格式Mon, 29 Jul 2019 00:00:00 GMT后渗透框架 nishanghttps://exp10it.io/posts/nishang-usage/https://exp10it.io/posts/nishang-usage/后渗透框架 nishangFri, 26 Jul 2019 00:00:00 GMTPowerView 域内信息收集https://exp10it.io/posts/powerview-usage/https://exp10it.io/posts/powerview-usage/PowerView 域内信息收集Fri, 26 Jul 2019 00:00:00 GMT后渗透框架 PowerSploithttps://exp10it.io/posts/powersploit-usage/https://exp10it.io/posts/powersploit-usage/后渗透框架 PowerSploitThu, 25 Jul 2019 00:00:00 GMT加载 PowerShell 脚本https://exp10it.io/posts/load-powershell-script/https://exp10it.io/posts/load-powershell-script/加载 PowerShell 脚本Wed, 24 Jul 2019 00:00:00 GMT金银票据的利用https://exp10it.io/posts/gold-and-silver-tickets-attack/https://exp10it.io/posts/gold-and-silver-tickets-attack/金银票据的利用Mon, 22 Jul 2019 00:00:00 GMTMetasploit 常用维权方式https://exp10it.io/posts/metasploit-persistence/https://exp10it.io/posts/metasploit-persistence/Metasploit 常用维权方式Mon, 22 Jul 2019 00:00:00 GMT针对域环境的权限维持https://exp10it.io/posts/windows-domain-persistence/https://exp10it.io/posts/windows-domain-persistence/针对域环境的权限维持Mon, 22 Jul 2019 00:00:00 GMTWindows 单机权限维持https://exp10it.io/posts/windows-local-persistence/https://exp10it.io/posts/windows-local-persistence/Windows 单机权限维持Mon, 22 Jul 2019 00:00:00 GMTMeterpreter 内存加载执行https://exp10it.io/posts/meterpreter-memory-load-exec/https://exp10it.io/posts/meterpreter-memory-load-exec/Meterpreter 内存加载执行Sun, 21 Jul 2019 00:00:00 GMTWindows SPN 攻击https://exp10it.io/posts/windows-spn-attack/https://exp10it.io/posts/windows-spn-attack/Windows SPN 攻击Fri, 19 Jul 2019 00:00:00 GMTSMB 重放攻击https://exp10it.io/posts/smb-relay-attack/https://exp10it.io/posts/smb-relay-attack/SMB 重放攻击Wed, 17 Jul 2019 00:00:00 GMTMimikatz 哈希与票据传递https://exp10it.io/posts/mimikatz-pth-and-ptt/https://exp10it.io/posts/mimikatz-pth-and-ptt/Mimikatz 哈希与票据传递Tue, 16 Jul 2019 00:00:00 GMT域内 MS14-068 的利用https://exp10it.io/posts/ms14-068-attack/https://exp10it.io/posts/ms14-068-attack/域内 MS14-068 的利用Mon, 15 Jul 2019 00:00:00 GMTWindows 常用远程执行命令的手段https://exp10it.io/posts/windows-remote-exec-methods/https://exp10it.io/posts/windows-remote-exec-methods/Windows 常用远程执行命令的手段Mon, 15 Jul 2019 00:00:00 GMTWindows 绕过 UAC 策略https://exp10it.io/posts/windows-bypass-uac-policy/https://exp10it.io/posts/windows-bypass-uac-policy/Windows 绕过 UAC 策略Fri, 12 Jul 2019 00:00:00 GMTWindows 绕过 AppLocker 限制https://exp10it.io/posts/windows-applocker-bypass/https://exp10it.io/posts/windows-applocker-bypass/Windows 绕过 AppLocker 限制Fri, 12 Jul 2019 00:00:00 GMTWindows 域内信息收集https://exp10it.io/posts/windows-domain-info-gather/https://exp10it.io/posts/windows-domain-info-gather/Windows 域内信息收集Wed, 10 Jul 2019 00:00:00 GMT导出 Chrome 中的凭据与信息https://exp10it.io/posts/chrome-credentials-dump/https://exp10it.io/posts/chrome-credentials-dump/导出 Chrome 中的凭据与信息Tue, 09 Jul 2019 00:00:00 GMT导出 RDP 连接凭据https://exp10it.io/posts/rdp-credentials-dump/https://exp10it.io/posts/rdp-credentials-dump/导出 RDP 连接凭据Tue, 09 Jul 2019 00:00:00 GMTdnscat2 代理隧道https://exp10it.io/posts/dnscat2-tunnel/https://exp10it.io/posts/dnscat2-tunnel/dnscat2 代理隧道Mon, 08 Jul 2019 00:00:00 GMTWindows 常用命令https://exp10it.io/posts/windows-commands/https://exp10it.io/posts/windows-commands/Windows 常用命令Mon, 08 Jul 2019 00:00:00 GMTProcdump 导出密码https://exp10it.io/posts/procdump-usage/https://exp10it.io/posts/procdump-usage/Procdump 导出密码Sun, 07 Jul 2019 00:00:00 GMTCobalt Strike 重定向器https://exp10it.io/posts/cobalt-strike-redirector/https://exp10it.io/posts/cobalt-strike-redirector/Cobalt Strike 重定向器Sat, 06 Jul 2019 00:00:00 GMTCobalt Strike DNS Beaconhttps://exp10it.io/posts/cobalt-strike-dns-beacon/https://exp10it.io/posts/cobalt-strike-dns-beacon/Cobalt Strike DNS BeaconFri, 05 Jul 2019 00:00:00 GMT常见的端口转发方法https://exp10it.io/posts/port-forwarding/https://exp10it.io/posts/port-forwarding/常见的端口转发方法Fri, 21 Jun 2019 00:00:00 GMTSQLite Attach Getshellhttps://exp10it.io/posts/sqlite-attach-getshell/https://exp10it.io/posts/sqlite-attach-getshell/SQLite Attach GetshellMon, 04 Feb 2019 00:00:00 GMTDjango 快速入门https://exp10it.io/posts/django-quickstart/https://exp10it.io/posts/django-quickstart/Django 快速入门Tue, 28 Aug 2018 00:00:00 GMT模拟 BugScan Node 的通信机制https://exp10it.io/posts/emulate-bugscan-node-communication-mechanism/https://exp10it.io/posts/emulate-bugscan-node-communication-mechanism/模拟 BugScan Node 的通信机制Fri, 24 Aug 2018 00:00:00 GMTXSS 绕过安全狗https://exp10it.io/posts/xss-bypass-safedog/https://exp10it.io/posts/xss-bypass-safedog/XSS 绕过安全狗Wed, 15 Aug 2018 00:00:00 GMTWindows 下载文件的几种方式https://exp10it.io/posts/windows-download-file/https://exp10it.io/posts/windows-download-file/Windows 下载文件的几种方式Tue, 14 Aug 2018 00:00:00 GMTJBoss 本地 Getshellhttps://exp10it.io/posts/jboss-local-getshell/https://exp10it.io/posts/jboss-local-getshell/JBoss 本地 GetshellMon, 13 Aug 2018 00:00:00 GMTCelery 学习笔记https://exp10it.io/posts/celery-note/https://exp10it.io/posts/celery-note/Celery 学习笔记Sun, 12 Aug 2018 00:00:00 GMTManjaro Linux 入坑指南https://exp10it.io/posts/manjaro-linux-guide/https://exp10it.io/posts/manjaro-linux-guide/Manjaro Linux 入坑指南Fri, 10 Aug 2018 00:00:00 GMT通达 OA 变量覆盖及 getshellhttps://exp10it.io/posts/tongda-oa-variable-overwrite-and-getshell/https://exp10it.io/posts/tongda-oa-variable-overwrite-and-getshell/通达 OA 变量覆盖及 getshellMon, 06 Aug 2018 00:00:00 GMTxss.tv Writeuphttps://exp10it.io/posts/xss-tv-writeup/https://exp10it.io/posts/xss-tv-writeup/xss.tv WriteupSat, 04 Aug 2018 00:00:00 GMTRSA 算法原理https://exp10it.io/posts/rsa-algorithm-note/https://exp10it.io/posts/rsa-algorithm-note/RSA 算法原理Fri, 03 Aug 2018 00:00:00 GMTXSS Challenges Writeuphttps://exp10it.io/posts/xss-challenges-writeup/https://exp10it.io/posts/xss-challenges-writeup/XSS Challenges WriteupWed, 01 Aug 2018 00:00:00 GMTXor 加密https://exp10it.io/posts/xor-encryption/https://exp10it.io/posts/xor-encryption/Xor 加密Mon, 30 Jul 2018 00:00:00 GMTMySQL load data localhttps://exp10it.io/posts/mysql-load-data-local/https://exp10it.io/posts/mysql-load-data-local/MySQL load data localSun, 22 Jul 2018 00:00:00 GMTWeb.config 突破权限限制https://exp10it.io/posts/web-config-bypass/https://exp10it.io/posts/web-config-bypass/Web.config 突破权限限制Thu, 19 Jul 2018 00:00:00 GMTMSF 派生 Cobalt Strike 会话https://exp10it.io/posts/msfvenom-spawn-cobalt-strike-session/https://exp10it.io/posts/msfvenom-spawn-cobalt-strike-session/MSF 派生 Cobalt Strike 会话Wed, 18 Jul 2018 00:00:00 GMTpowereasy 后台 getshellhttps://exp10it.io/posts/powereasy-post-auth-getshell/https://exp10it.io/posts/powereasy-post-auth-getshell/powereasy 后台 getshellThu, 12 Jul 2018 00:00:00 GMTMstsc tscon 后门https://exp10it.io/posts/mstsc-tscon-backdoor/https://exp10it.io/posts/mstsc-tscon-backdoor/Mstsc tscon 后门Wed, 11 Jul 2018 00:00:00 GMT信息收集中常见端口的整理https://exp10it.io/posts/common-ports/https://exp10it.io/posts/common-ports/信息收集中常见端口的整理Sun, 08 Jul 2018 00:00:00 GMTBurpSuite 攻击模式https://exp10it.io/posts/burpsuite-intruder-attack-types/https://exp10it.io/posts/burpsuite-intruder-attack-types/BurpSuite 攻击模式Fri, 06 Jul 2018 00:00:00 GMT命令行语法格式https://exp10it.io/posts/cli-options-usage/https://exp10it.io/posts/cli-options-usage/命令行语法格式Thu, 05 Jul 2018 00:00:00 GMTdedecms 前台通杀上传 0dayhttps://exp10it.io/posts/dedecms-upload-0day/https://exp10it.io/posts/dedecms-upload-0day/dedecms 前台通杀上传 0dayThu, 28 Jun 2018 00:00:00 GMTPython AsyncIO 学习笔记https://exp10it.io/posts/python-asyncio-note/https://exp10it.io/posts/python-asyncio-note/Python AsyncIO 学习笔记Tue, 26 Jun 2018 00:00:00 GMTChaBug Upload Writeuphttps://exp10it.io/posts/chabug-upload-writeup/https://exp10it.io/posts/chabug-upload-writeup/ChaBug Upload WriteupFri, 22 Jun 2018 00:00:00 GMTmsfvenom 多重编码https://exp10it.io/posts/msfvenom-multiple-encode/https://exp10it.io/posts/msfvenom-multiple-encode/msfvenom 多重编码Wed, 20 Jun 2018 00:00:00 GMT简单的渗透测试报告https://exp10it.io/posts/easy-pentest-report/https://exp10it.io/posts/easy-pentest-report/简单的渗透测试报告Mon, 18 Jun 2018 00:00:00 GMTDREAD 风险评估https://exp10it.io/posts/dread-model/https://exp10it.io/posts/dread-model/DREAD 风险评估Fri, 15 Jun 2018 00:00:00 GMTSQLmap udf dll 解码https://exp10it.io/posts/sqlmap-udf-dll-decode/https://exp10it.io/posts/sqlmap-udf-dll-decode/SQLmap udf dll 解码Thu, 07 Jun 2018 00:00:00 GMTMS17-010 Attack bathttps://exp10it.io/posts/ms17-010-attack-bat/https://exp10it.io/posts/ms17-010-attack-bat/MS17-010 Attack batSun, 03 Jun 2018 00:00:00 GMT绕过 360 添加用户https://exp10it.io/posts/add-user-bypass-360/https://exp10it.io/posts/add-user-bypass-360/绕过 360 添加用户Sat, 02 Jun 2018 00:00:00 GMTMSSQL 读取文件https://exp10it.io/posts/mssql-read-file/https://exp10it.io/posts/mssql-read-file/MSSQL 读取文件Thu, 31 May 2018 00:00:00 GMTISCC 2018 Misc Writeuphttps://exp10it.io/posts/iscc-2018-misc-writeup/https://exp10it.io/posts/iscc-2018-misc-writeup/ISCC 2018 Misc WriteupSun, 20 May 2018 00:00:00 GMTChaBug Web2 Writeuphttps://exp10it.io/posts/chabug-web2-writeup/https://exp10it.io/posts/chabug-web2-writeup/ChaBug Web2 WriteupWed, 16 May 2018 00:00:00 GMTLDAP 学习笔记https://exp10it.io/posts/ldap-note/https://exp10it.io/posts/ldap-note/LDAP 学习笔记Mon, 14 May 2018 00:00:00 GMTPHP 对象注入https://exp10it.io/posts/php-object-injection/https://exp10it.io/posts/php-object-injection/PHP 对象注入Sun, 13 May 2018 00:00:00 GMTPHP PDO 参数化查询https://exp10it.io/posts/php-pdo-query/https://exp10it.io/posts/php-pdo-query/PHP PDO 参数化查询Sat, 12 May 2018 00:00:00 GMTSQLMap Tamper 编写https://exp10it.io/posts/sqlmap-tamper/https://exp10it.io/posts/sqlmap-tamper/SQLMap Tamper 编写Sat, 12 May 2018 00:00:00 GMT无字母 PHP Shellhttps://exp10it.io/posts/no-letters-php-webshell/https://exp10it.io/posts/no-letters-php-webshell/无字母 PHP ShellSat, 05 May 2018 00:00:00 GMTPython WeakFileScanhttps://exp10it.io/posts/python-weakfilescan/https://exp10it.io/posts/python-weakfilescan/Python WeakFileScanSat, 05 May 2018 00:00:00 GMT绕过 PowerShell 的执行策略https://exp10it.io/posts/powershell-execution-policy-bypass/https://exp10it.io/posts/powershell-execution-policy-bypass/绕过 PowerShell 的执行策略Fri, 04 May 2018 00:00:00 GMTMSF ShellCode Bypasshttps://exp10it.io/posts/msf-shellcode-bypass/https://exp10it.io/posts/msf-shellcode-bypass/MSF ShellCode BypassThu, 03 May 2018 00:00:00 GMT阿里云 WAF 绕过https://exp10it.io/posts/aliyun-waf-bypass/https://exp10it.io/posts/aliyun-waf-bypass/阿里云 WAF 绕过Sat, 21 Apr 2018 00:00:00 GMT帝国 cms 后台 getshellhttps://exp10it.io/posts/empire-cms-post-auth-getshell/https://exp10it.io/posts/empire-cms-post-auth-getshell/帝国 cms 后台 getshellThu, 12 Apr 2018 00:00:00 GMTvssown.vbshttps://exp10it.io/posts/vssown-vbs-usage/https://exp10it.io/posts/vssown-vbs-usage/vssown.vbsSat, 07 Apr 2018 00:00:00 GMTwmiexec.vbshttps://exp10it.io/posts/wmiexec-vbs-usage/https://exp10it.io/posts/wmiexec-vbs-usage/wmiexec.vbsFri, 06 Apr 2018 00:00:00 GMTJBoss Deploy Getshellhttps://exp10it.io/posts/jboss-deploy-getshell/https://exp10it.io/posts/jboss-deploy-getshell/JBoss Deploy GetshellThu, 05 Apr 2018 00:00:00 GMTZabbix SQL 注入https://exp10it.io/posts/zabbix-sql-injection/https://exp10it.io/posts/zabbix-sql-injection/Zabbix SQL 注入Wed, 04 Apr 2018 00:00:00 GMT大米 CMS 任意文件删除https://exp10it.io/posts/damicms-arbitrary-file-delete/https://exp10it.io/posts/damicms-arbitrary-file-delete/大米 CMS 任意文件删除Mon, 02 Apr 2018 00:00:00 GMTdedecms 后台代码执行https://exp10it.io/posts/dedecms-post-auth-rce/https://exp10it.io/posts/dedecms-post-auth-rce/dedecms 后台代码执行Fri, 30 Mar 2018 00:00:00 GMTUbuntu 提权 EXPhttps://exp10it.io/posts/ubuntu-lpe-exploit/https://exp10it.io/posts/ubuntu-lpe-exploit/Ubuntu 提权 EXPFri, 30 Mar 2018 00:00:00 GMTdedecms 友链 getshellhttps://exp10it.io/posts/dedecms-friend-link-getshell/https://exp10it.io/posts/dedecms-friend-link-getshell/dedecms 友链 getshellSun, 25 Mar 2018 00:00:00 GMTaspcms SQL 注入https://exp10it.io/posts/aspcms-sql-injection/https://exp10it.io/posts/aspcms-sql-injection/aspcms SQL 注入Wed, 21 Mar 2018 00:00:00 GMTdiscuz 任意文件删除https://exp10it.io/posts/discuz-arbitrary-file-delete/https://exp10it.io/posts/discuz-arbitrary-file-delete/discuz 任意文件删除Mon, 19 Mar 2018 00:00:00 GMTPHP 加密 Bypass WAFhttps://exp10it.io/posts/php-encode-bypass-waf/https://exp10it.io/posts/php-encode-bypass-waf/PHP 加密 Bypass WAFMon, 19 Mar 2018 00:00:00 GMTTypecho Writeuphttps://exp10it.io/posts/typecho-writeup/https://exp10it.io/posts/typecho-writeup/Typecho WriteupSat, 17 Mar 2018 00:00:00 GMTMSSQL Log Getshellhttps://exp10it.io/posts/mssql-log-getshell/https://exp10it.io/posts/mssql-log-getshell/MSSQL Log GetshellWed, 14 Mar 2018 00:00:00 GMTsiteserver 管理员密码重置https://exp10it.io/posts/siteserver-admin-password-reset/https://exp10it.io/posts/siteserver-admin-password-reset/siteserver 管理员密码重置Sat, 10 Mar 2018 00:00:00 GMTsiteserver SQL 注入https://exp10it.io/posts/siteserver-sql-injection/https://exp10it.io/posts/siteserver-sql-injection/siteserver SQL 注入Sat, 10 Mar 2018 00:00:00 GMTHTTP 头伪造 IPhttps://exp10it.io/posts/http-header-fake-ip/https://exp10it.io/posts/http-header-fake-ip/HTTP 头伪造 IPTue, 06 Mar 2018 00:00:00 GMTWeb 密码记录脚本https://exp10it.io/posts/web-password-record-scripts/https://exp10it.io/posts/web-password-record-scripts/Web 密码记录脚本Tue, 06 Mar 2018 00:00:00 GMTRedis Getshellhttps://exp10it.io/posts/redis-getshell/https://exp10it.io/posts/redis-getshell/Redis GetshellMon, 05 Mar 2018 00:00:00 GMTdedecms 后台爆破https://exp10it.io/posts/dedecms-bruteforce/https://exp10it.io/posts/dedecms-bruteforce/dedecms 后台爆破Sat, 03 Mar 2018 00:00:00 GMTMSF Webshell 上线https://exp10it.io/posts/msf-webshell/https://exp10it.io/posts/msf-webshell/MSF Webshell 上线Sat, 24 Feb 2018 00:00:00 GMTteamviewer 提权https://exp10it.io/posts/teamviewer-lpe/https://exp10it.io/posts/teamviewer-lpe/teamviewer 提权Fri, 23 Feb 2018 00:00:00 GMTreGeorg 内网穿透https://exp10it.io/posts/regeorg-tunnel/https://exp10it.io/posts/regeorg-tunnel/reGeorg 内网穿透Thu, 22 Feb 2018 00:00:00 GMTtermite 跳板机管理https://exp10it.io/posts/termite-usage/https://exp10it.io/posts/termite-usage/termite 跳板机管理Thu, 22 Feb 2018 00:00:00 GMTNmap 脚本列表https://exp10it.io/posts/nmap-scripts/https://exp10it.io/posts/nmap-scripts/Nmap 脚本列表Tue, 20 Feb 2018 00:00:00 GMTPython 实现单向链表https://exp10it.io/posts/python-linked-list/https://exp10it.io/posts/python-linked-list/Python 实现单向链表Mon, 19 Feb 2018 00:00:00 GMTEarthWorm 内网穿透https://exp10it.io/posts/earthworm-tunnel/https://exp10it.io/posts/earthworm-tunnel/EarthWorm 内网穿透Sun, 18 Feb 2018 00:00:00 GMTpstools 使用详解https://exp10it.io/posts/pstools-usage/https://exp10it.io/posts/pstools-usage/pstools 使用详解Sat, 17 Feb 2018 00:00:00 GMT获得 Linux 交互式 Shellhttps://exp10it.io/posts/linux-interactive-shell/https://exp10it.io/posts/linux-interactive-shell/获得 Linux 交互式 ShellFri, 16 Feb 2018 00:00:00 GMTnetcat 使用技巧https://exp10it.io/posts/netcat-usage/https://exp10it.io/posts/netcat-usage/netcat 使用技巧Wed, 14 Feb 2018 00:00:00 GMTPHP 常用伪协议https://exp10it.io/posts/php-pesudo-protocols/https://exp10it.io/posts/php-pesudo-protocols/PHP 常用伪协议Tue, 13 Feb 2018 00:00:00 GMT利用 dnslog 回显https://exp10it.io/posts/dnslog-output/https://exp10it.io/posts/dnslog-output/利用 dnslog 回显Sat, 10 Feb 2018 00:00:00 GMTMySQL updatexml 注入https://exp10it.io/posts/mysql-updatexml-sql-injection/https://exp10it.io/posts/mysql-updatexml-sql-injection/MySQL updatexml 注入Wed, 07 Feb 2018 00:00:00 GMTPHP Bypass D盾https://exp10it.io/posts/php-bypass-dsafe/https://exp10it.io/posts/php-bypass-dsafe/PHP Bypass D盾Tue, 06 Feb 2018 00:00:00 GMTWebLogic RCE 复现https://exp10it.io/posts/weblogic-rce-reproduce/https://exp10it.io/posts/weblogic-rce-reproduce/WebLogic RCE 复现Tue, 06 Feb 2018 00:00:00 GMTphpcms authkey 注入https://exp10it.io/posts/phpcms-authkey-sql-injection/https://exp10it.io/posts/phpcms-authkey-sql-injection/phpcms authkey 注入Sun, 04 Feb 2018 00:00:00 GMTphpcms SQL 注入https://exp10it.io/posts/phpcms-sql-injection/https://exp10it.io/posts/phpcms-sql-injection/phpcms SQL 注入Sat, 03 Feb 2018 00:00:00 GMTphpcms 后台 getshellhttps://exp10it.io/posts/phpcms-post-auth-getshell/https://exp10it.io/posts/phpcms-post-auth-getshell/phpcms 后台 getshellFri, 02 Feb 2018 00:00:00 GMTPHP 菜刀中转脚本https://exp10it.io/posts/php-caidao-forward-scripts/https://exp10it.io/posts/php-caidao-forward-scripts/PHP 菜刀中转脚本Wed, 31 Jan 2018 00:00:00 GMT星外虚拟主机跨目录https://exp10it.io/posts/freehost-path-traversal/https://exp10it.io/posts/freehost-path-traversal/星外虚拟主机跨目录Sat, 27 Jan 2018 00:00:00 GMTLinux 的几种后门https://exp10it.io/posts/linux-backdoors/https://exp10it.io/posts/linux-backdoors/Linux 的几种后门Fri, 26 Jan 2018 00:00:00 GMTdirtyc0w linux 提权https://exp10it.io/posts/dirtyc0w-linux-lpe/https://exp10it.io/posts/dirtyc0w-linux-lpe/dirtyc0w linux 提权Sun, 21 Jan 2018 00:00:00 GMTMSSQL 显错注入https://exp10it.io/posts/mssql-error-based-sql-injection/https://exp10it.io/posts/mssql-error-based-sql-injection/MSSQL 显错注入Mon, 15 Jan 2018 00:00:00 GMTMySQL Log Getshellhttps://exp10it.io/posts/mysql-log-getshell/https://exp10it.io/posts/mysql-log-getshell/MySQL Log GetshellTue, 09 Jan 2018 00:00:00 GMTecshop 后台 getshellhttps://exp10it.io/posts/ecshop-post-auth-getshell/https://exp10it.io/posts/ecshop-post-auth-getshell/ecshop 后台 getshellSun, 07 Jan 2018 00:00:00 GMTFckeditor PHP Exphttps://exp10it.io/posts/fckeditor-php-exploit/https://exp10it.io/posts/fckeditor-php-exploit/Fckeditor PHP ExpSat, 06 Jan 2018 00:00:00 GMT树洞外链 insert 注入https://exp10it.io/posts/tree-hole-insert-sql-injection/https://exp10it.io/posts/tree-hole-insert-sql-injection/树洞外链 insert 注入Mon, 01 Jan 2018 00:00:00 GMTMySQL 盲注https://exp10it.io/posts/mysql-blind-sql-injection/https://exp10it.io/posts/mysql-blind-sql-injection/MySQL 盲注Mon, 25 Dec 2017 00:00:00 GMTdiscuz 后台 getshellhttps://exp10it.io/posts/discuz-post-auth-getshell/https://exp10it.io/posts/discuz-post-auth-getshell/discuz 后台 getshellThu, 07 Dec 2017 00:00:00 GMTGit 学习笔记https://exp10it.io/posts/git-note/https://exp10it.io/posts/git-note/Git 学习笔记Tue, 05 Dec 2017 00:00:00 GMT