Skip to main content

SecTantra - Pentesting

Search This Blog

Cookies Attributes

on May 06, 2020

Get link
Facebook
X
Pinterest
Email
Other Apps

HTTP Only - if this cookie attribute is present then client side scripts like: - javascript cannot access the cookies.
Secure - if HTTPS is not there then cookies will not be transmitted.

Get link
Facebook
X
Pinterest
Email
Other Apps

Comments

Post a Comment

Popular Posts

Configure Burp Pro Cracked in Kali Linux

For running Burp Pro Cracked, we need two files mentioned below in screenshot 1. Burp Suite Jar 2. Its Decoder/Crack/Keygen Now we will downgrade the java version used by kali, To find all the available version type below mentioned command and then change version as command guides. In above screenshot we tried option "1" also but that did not worked. Now fire up the command as mentioned in above and below screenshot, which will give you the burp's crack/license window. [Optional] Change the name of license Text : "Licensed To <<your name>>" Copy the License and click on Run Paste this license in License pop which you have received after clicking on run button. Click on manual activation, copy the request and paste it in the request section of above mentioned screeshot's window. (Burp Suite Window) Copy the response ( response section of above mentioned screenshot ) and paste it in manual activ...

JWT - MindMap to Exploit All

JWT Attacks ├── Signature Bypass ├── alg: none ├── RS256 → HS256 ├── weak HMAC secret ├── Claim Tampering ├── exp (expiry) ├── iat (issued at) ├── role/user escalation ├── audience (aud) abuse ├── Header Injection ├── kid header ├── jku / x5u remote key ├── Replay / Misuse ├── token replay ├── no revocation (no jti) ├── stored in URL / localStorage ├── Hybrid + OAuth ├── token phishing / reuse ├── login CSRF → JWT reuse =================================================================== JWT – Key Points Full form: JSON Web Token Used for: Authentication & Authorization Why: Stateless, secure, easy to verify 🔧 Format (3 parts, dot-separated) HEADER .PAYLOAD .SIGNATURE Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9. eyJ1c2VyIjoiVmFydW4iLCJyb2xlIjoiYWRtaW4ifQ. hMACsignatureHere 📦 Cont...

1 AD Pentesting - Windows/Local Privilege Escalation

# Technique Name Description 1 Unquoted Service Path Exploit unquoted paths to execute attacker’s binary as SYSTEM 2 Insecure Service Permissions Writable service binary/config or folders lead to privilege gain 3 DLL Hijacking in Services Drop DLL in searched path loaded by a high-privilege service 4 Insecure Registry Permissions Modifiable registry keys controlling service paths 5 Privileged Scheduled Tasks SYSTEM tasks writable or replaceable by local user 6 AlwaysInstallElevated (MSI Abuse) Misconfigured Windows Installer policy allows SYSTEM MSI installs 7 UAC Bypass (fodhelper, eventvwr, etc.) Trusted binaries auto-elevate without prompt, abused to bypass UAC 8 Token Impersonation (SeImpersonate) Impersonate privileged tokens via named pipes (e.g., PrintSpoofer) 9 Named Pipe Impersonation SYSTEM service talks over pipe, attacker hijacks impersonation 10 Startup Folder Abuse Place payload in startup folder to auto-run on login 11 GPP Passwords Steal plaintext admin passwords from S...

Powered by Blogger