Tag

asp

Hack The Box – Bounty Walkthrough

Introduction

This was an easy Windows machine that involved uploading a web.config file onto a Windows ASP web server to gain remote code execution and exploiting token impersonation to escalate privileges to system.

May 9, 2021 | by Stefano Lanaro | Leave a comment

Checklists, Resources

File Upload Restriction Bypass Checklist

Introduction

When enumerating web applications, we often find ourselves in front of a file upload file that allows us to potentially upload malicious files onto the application, such as a PHP or ASP shell, although these will often have certain restrictions that will only allow certain file types, extensions, file names or contents.

Through this checklist, I hope to cover most of the possible bypass methods that can be used to get past this restriction.

January 20, 2021 | by Stefano Lanaro | 2 Comments

Navigation
- Home
- CTF Walkthroughs
- Guides
- Reviews
- Resources
  - Cheat Sheets
  - Checklists
- About
About StefLan Security

I am a penetration tester and cyber security / Linux enthusiast.
Through this blog, I would like to share my passion for penetration testing, hoping that this might be of help for other students and professionals out there. I will be more than glad to exchange ideas with other fellow pentesters and enthusiasts.
Recent Posts
- Certified Red Team Expert (CRTE) Review April 16, 2024
- TryHackMe – Nax Walkthrough April 8, 2024
- Certified Azure Red Team Professional (CARTP) Review December 23, 2023
- A Complete Guide to Hacking GraphQL September 17, 2023
- Offensive Security Experienced Penetration Tester (OSEP) Review January 24, 2023