Mars's Blog

[Vulnhub] Typhoon-v1.02 Write-up

Information gathering root@kali:~# nmap -sV -p- 192.168.1.104 Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-02 09:07 EST Nmap scan report for 192.168.1.104 Host is up (0.0012s latency). Not ...

Posted by Mars Cheng on February 5, 2019

[Vulnhub] Kioptrix: Level 1.1 (#2) Write-up

Overview This is a vulnerable machine from vulnhub, and the write-up refers some internet resources. If any mistake or suggestion, please let we konw. Thanks. Walkthrough Information gat...

Posted by Mars Cheng on February 5, 2019

CVE-2018-16656

Kyocera TASKalfa 4002i and 6002i exist unauthenticated access vulnerability

Description:Kyocera TASKalfa 4002i and 6002i devices allow remote attackers to read the documents of arbitrary users via a modified HTTP request. This vulnerability was discovered by Mars C...

Posted by Mars Cheng on January 31, 2019

Sudo (LD_PRELOAD) (Linux Privilege Escalation)

Liunx權限提升-LD_PRELOAD環境變量

Overview This is Translating Articles which from http://touhidshaikh.com/blog/?p=827, if any problem, If any mistake or suggestion, please let we konw. Thanks. 本篇文章翻譯自 http://touhidshaikh.com/...

Posted by Mars Cheng on August 25, 2018

Abusing SUDO (Linux Privilege Escalation)

Liunx權限提升-濫用Sudo

Overview This is Translating Articles which from http://touhidshaikh.com/blog/?p=790, if any problem, If any mistake or suggestion, please let we konw. Thanks. 本篇文章翻譯自 http://touhidshaikh.com/...

Posted by Mars Cheng on August 24, 2018

[Vulnhub] Mr-Robot: 1 Write-up

Overview This is a vulnerable machine from vulnhub, and the write-up refers some internet resources. If any mistake or suggestion, please let we konw. Thanks. Walkthrough Information gat...

Posted by Mars Cheng on August 22, 2018

[Vulnhub] Temple of Doom: 1 Write-up

Overview This is a vulnerable machine from vulnhub, and the write-up refers some internet resources. If any mistake or suggestion, please let we konw. Thanks. Walkthrough Information gath...

Posted by Mars Cheng on August 20, 2018

CVE-2018-11492

ASUS HG100 exists DoS vulnerability

Description:ASUS HG100 devices allow denial of service via an IPv4 packet flood. This vulnerability was discovered by Mars Cheng at National Center for Cyber Security Technology (NCCST) ...

Posted by Mars Cheng on July 25, 2018

CVE-2018-11491

ASUS HG100 exists unauthenticated access vulnerability

Description: ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. This vulnerability was discovered by Mars Cheng at National C...

Posted by Mars Cheng on July 25, 2018