1. yum groupinstall "Development Tools"
yum install ncurses-devel
2. Download kernel 4.1.1 to /usr/src/
3. cd /usr/src/
4. tar -Jxvf linux-4.1.1.tar.xz
5. cd /usr/src/linux-4.1.1....
6. make help - RECOMMENDED: if you want to see what you can you do!
7. make mrproper - Cleaning and check dependencies
8. make menuconfig - WARNING: This is for advanced users! Make your own setup if you want, and follow the menu to save and exit!
9. make bzImage - compile the bzImage kernel
10. make modules - compile the modules
11. make modules_install - install of already compiled modules
12. make install - install of all dependencies to already compiled kernel
This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "192.168.1.44/DVWA/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1
Коментари
Публикуване на коментар