I recently wrote a Flask web application in Python. When I put it online, I of course ran Nikto over it. Since I was immediately confronted with the usual suspects, I wanted to write down the solution for this weak point as a reminder to myself and possibly for your support. Vulnerabilities What vulnerabilities do we encounter again and again?
3in1 Description Like Nescafeeeee! Attachments https://ctf.k3rn3l4rmy.com/kernelctf-distribution-challs/nescafeee/AES.py Todos To decrypt the string in the given AES.py script (String is in scriptfile as a comment). from Crypto.Cipher import AES from Crypto.Hash import SHA256 f = open('progress.txt', 'r') password = ("abda") hash_obj = SHA256.new(password.encode('utf-8')) hkey = hash_obj.digest() def encrypt(info): msg = info BLOCK_SIZE = 16 PAD = "{" padding = lambda s: s
Useful payloads Here are some valuable payloads for both Linux & Windows command injection on a vulnerable web-application. Feel free! Linux Payload Description whoami See what user the application is running under. ls List the contents of the current directory. You may be able to find files such as configuration files, environment files (tokens and application keys), and many more