O
O
OSCP Notes
Search
⌃K
Introduction
Port scanning
Passive Information Gathering
Ports enum:
Recon Tools
Tech Skills Needed
msfvenom
meterpreter commands
Web Apps
General methods
phpmyadmin
cgi priv esc
Phreesoft 5.2.3
Webmin
ColdFusion 8
Wordpress
Mysql commands
xampp
Elastix
Drupal (CMS)
SQL & LFI
LFI
RFI
wfuzz
Manual SQL injection
Port Swigger SQL
php hacks
XSS
XML file upload RCE
Postgress creds found?
mongo db creds found?
base64 encoded Web bruteforcing
Web app source
uploading img as php
iframe technique
python scripts
Windows hacks
Port Forwarding
Reverse shells
Binary exploitation
Transfering Modules
Buffer Overflow
Cracking!
shellshock
Active Directory
Antivirus Evasion
Windows Priv Esc
Linux Priv Esc
Active Directory Case Studies
Pivoting
C program analysis
Misc
Hack the box Write-ups
THM Offensive Security Path
Proving Ground
Cyber Sec Labs
Powered By GitBook

base64 encoded Web bruteforcing

  1. 1.
    send the request to the intruder
  2. 2.
    select the ended part with add
  3. 3.
    go to payload pick custom iterator for payload 1, set a username "admin"
  4. 4.
    pick position 2 and paste rockyou.txt content
  5. 5.
    for payload processing, add > Base64-encode
start the attack
make sure the port is correct~! https://medium.com/@bamroatbabak/seppuku-1-vulnhub-walkthrough-beea41846775
Previous
mongo db creds found?
Next
Web app source
Last modified 1yr ago
Copy link