• Frustrated that I never manage to clean out the junk completely, I am writing this post as a reminder for future reference.

Remove junk and unnecessary packages

apt-get autoclean                   # remove cached packages that are outdated (old versions)
apt-get clean                       # remove the entire package cache
apt-get autoremove                  # remove orphaned packages the system no longer uses
apt-get remove --purge <package>    # remove a package together with its configuration files
dpkg -l | grep ^rc | awk '{print $2}' | sudo xargs -r dpkg -P   # purge leftover config files of already-removed packages (state "rc"); -r skips dpkg when there are none

  • A recent tweet by Felix Wilhelm about a proof-of-concept (PoC) "container escape" caught my interest, because I had done similar research and was curious how this PoC would affect Kubernetes.

  • Felix's PoC tweet

Felix's tweet demonstrates a vulnerability that launches a process on the host from a Docker container run with the --privileged flag. The PoC achieves this by abusing the "notify on release" feature of Linux cgroup v1.
Below is a version of the PoC that launches ps on the host:


  • Why you should not run Docker with the “privileged” flag

Privileged Docker containers are containers run with the --privileged flag. Unlike regular containers, these containers have root access to the host.

Privileged containers are typically used when a container needs direct hardware access to do its job. However, a privileged Docker container can let an attacker take over the host system. Now let's look at how an attacker escapes a privileged container.

Looking for exploitable containers

How do we know in the first place whether we are inside a privileged container?


Introduction

OS: Linux
Difficulty: Insane
Points: 50
Release: 19 Sep 2020
IP: 10.10.10.208

User Blood haqpl 00 days, 15 hours, 52 mins, 14 seconds.
Root Blood haqpl 01 days, 00 hours, 25 mins, 20 seconds.

  • my htb rank


Introduction

OS: Linux
Difficulty: Easy
Points: 20
Release: 14 Nov 2020
IP: 10.10.10.216

User Blood wtflink 00 days, 01 hours, 48 mins, 28 seconds.
Root Blood Icebreaker 00 days, 02 hours, 03 mins, 10 seconds.

  • my htb rank


Introduction

OS: Linux
Difficulty: Easy
Points: 20
Release: 07 Nov 2020
IP: 10.10.10.215

User Blood snowscan 00 days, 00 hours, 21 mins, 04 seconds.
Root Blood jkr 00 days, 00 hours, 47 mins, 31 seconds.

  • my htb rank


Introduction

OS: Linux
Difficulty: Medium
Points: 30
Release: 17 Oct 2020
IP: 10.10.10.212

User Blood szymex73 00 days, 00 hours, 41 mins, 20 seconds.
Root Blood szymex73 00 days, 01 hours, 20 mins, 22 seconds.

  • my htb rank


Introduction

OS: Linux
Difficulty: Medium
Points: 30
Release: 24 Oct 2020
IP: 10.10.10.214

User Blood Sp3eD 00 days, 00 hours, 08 mins, 51 seconds.
Root Blood Sp3eD 00 days, 00 hours, 17 mins, 49 seconds.

  • my htb rank


Conventional trojan AV-evasion handling: detection results log 2

Antivirus software and AV-evasion technique resource collection (Anti-av)

  • Antivirus software and AV-evasion technique resource collection (Anti-av)

venom

  • venom-github

Installation

1º - Download the framework from GitHub
git clone https://github.com/r00t-3xp10it/venom.git

2º - Set execution permissions
cd venom    # git clone creates ./venom (a GitHub zip download would unpack to venom-main instead)
sudo find ./ -name "*.sh" -exec chmod +x {} \;
sudo find ./ -name "*.py" -exec chmod +x {} \;

3º - Install all dependencies
(cd aux && sudo ./setup.sh)    # subshell keeps the working directory at the repository root for the next step

4º - Run the main tool
sudo ./venom.sh

Update the venom installation (compares the local version against the official GitHub version)
sudo ./venom.sh -u