cyberdefenders - MrRobot
https://sangsoo-forensic.notion.site/cyberdefenders-MrRobot-fa7b8ceb297e470fa65d033b5d893a11
2022.05.26 -
The RCE relevant to Spring Framework was leaked on 29/03/2022 by a Chinese-speaking security researcher.
Why I chose this vulnerability: Recently, I realised that I had not researched web vulnerabilities much. Suddenly I thought I needed to refresh my imagination and knowledge about the web. Luckily, I read about an RCE related to Spring Core. I tried to understand it, and I started writing this article hoping that someone would give me feedback. The fact news via some firms It is unofficially released informati..
2022.04.03 -
Comparison docker version through the cvedetails
#!/bin/bash mydocker=$(docker version | grep -Eo '[[:digit:]]{1,}[.][[:digit:]]{1,}[.][[:digit:]]{1,}' | head -1) info_cve=$(curl https://www.cvedetails.com/vulnerability-list/vendor_id-13534/Docker.html | grep -Eo '[[:digit:]]{1,}[.][[:digit:]]{1,}[.][[:digit:]]{1,}') info_cve_list=($info_cve) chk=0 for index in "${info_cve_list[@]}" do if [ "$mydocker" = "$index" ]; then echo "The version $myd..
2022.03.28 -
[Challenge] Find Frog - incident-response-challenge.com
Keyword: Memory Dump. The investigator obtained one dump file. The table below shows the default options related to the dump file. The result of NtMajorVersion is 10. In other words, the system is running Windows 10. Kernel Base 0xf8002ec04000 DTB 0x1ab000 Symbols file:///home/kali/Desktop/volatility3/volatility3/symbols/windows/ntkrnlmp.pdb/D788F72ABE964EFCACAAD0276DAAE6CB-1.json.xz Is..
2022.03.24 -
[Challenge] Insurance - incident-response-challenge.com
Hello guys. Welcome to my IR practice room. Today, I solved one problem 'Insurance' located in incident-response-challenge.com. Actually, you can get a flag easily. I had many questions about this challenge. Hence, I conducted a detailed analysis myself. While conducting the analysis, there was a lot of new knowledge and it was a good time to use the knowledge I had known before. The person who ..
2022.03.19 -
DB
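Westeros.GOT detected numerous SQL injection attacks through its WAF and is afraid that server access privileges were stolen via SQL injection. The client asked the investigator to determine whether the server had been taken over. The investigator received a disk file ('2020-02-05T110520_SQL.vhdx') from Westeros. The investigation showed that the company was using MSSQL. Microsoft SQL Server 2019 (RTM) - 15.0.2000.5 (X64) In addition, a review of the server accounts in the logs confirmed that the 'sa' account was being used as-is. Because this account is created by default when MSSQL is installed, it can be considered a well-known account. This ..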
2022.03.16