mm0@home:~$

  • [xss] lab stored xss into anchor href attribute wi b2fa26213f2e496d978f2cccddbbf8ba

    [XSS] Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded since the lab mentions clicking on the author name and it uses a href since the website is not enforcing a website input therefore it doesn’t HTTP://websitename.com so because of this, we can use this input with the javascript: protocol so for...

  • [xss] lab reflected xss into a javascript string w d65f3a32801b4f7b8b5db2f523aa2d74

    [XSS] Lab: Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped so the website is taking the input that we’re providing from the search query and placing it within the context of a HTML tag as well as a img src tag and within...

  • [xss] dom xss in jquery selector sink using a hash 957032c5628543c6a093a832ec593d06

    [XSS] DOM XSS in jQuery selector sink using a hashchange event [XSS] Lab: DOM XSS in jQuery selector sink using a hashchange event using firebug lite we can filter to view scripts. like this one: for this challenge since we can see the website is use the $() jquery selector...

  • [xss] dom xss in jquery anchor href attribute sink 740b762617504747a728ee57152d831e

    [XSS] DOM XSS in jQuery anchor href attribute sink using location.search source

  • [xss] lab reflected dom xss 56ec30c8216a42dab75761404e2952d3

    [XSS] Lab: Reflected DOM XSS lets inject a canary and search for it within the inspect page of the web site the canary I will use os ‘lb115’ let’s also look at our network tab in inpect tool for all request being made. lets look at the contents of this...

  • HackTheBox Write-Up 'Lame' {EASY}

    ‘LAME’ HacktheBox HTB _ “Lame” _ Machine Write-Up/Report ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ HTB link: https://app.hackthebox.com/machines/Lame \ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -→ MICHAEL(Nolkm) RECON scanning: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** IMPORTANT *** 21/tcp open ftp vsftpd 2.3.4 22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 445/tcp open netbios-ssn...

  • Important

    I will no longer be posting my blogs here instead you can visit my blogger page: https://michael-kali.blogspot.com/

  • Ctf_writeup_issessions (3rd place write Up ***winner!***)

    Issesion CTF 2023 Write Up mm0 Team ***** is proud to have come in 28th place in the ISSESSION CTF 2023 with a total of 546 points! List of Flags Challenge Category Value Time [KPMG] Very Simple OSINT OSINT 30 January 14th, 10:53:22 AM Vacation Spot OSINT 30 January 14th,...

  • How Python Was Made?

    How Python Was Made Guido Van Rossum was born in the Netherlands in 1956. After receiving an electronics kit for his 10th birthday, he began constructing circuits as a hobby. From a young age, he was fascinated by mathematics and technology. He would later attend the University of Amsterdam, earning...