Пропускане към основното съдържание

Learning ruby

Install default
1:  # Default  
2:  yum groupinstall "Development Tools"  
3:  yum install ruby  
4:  yum install gcc make automake autoconf curl-devel openssl-devel zlib-devel httpd-devel apr-devel apr-util-devel sqlite-devel  
5:  yum install ruby-rdoc ruby-devel  
6:  yum install rubygems  
7:  gem update
Install and use ruby 2.2.x - user: root
1:  yum groupinstall -y development  
2:  gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
3:  curl -sSL https://get.rvm.io | bash -s stable
4:  source /etc/profile.d/rvm.sh  
5:  rvm install 2.2.4  
6:  gem update  
7:  gem install rails  
8:  ruby --version 
9:  rvm default 

-:  Start by default after rebooting the system:

10: cd /usr/local/rvm/gems/ruby-2.2.4/bin
    echo "export PATH=$(pwd):\$PATH" >> ~/.bashrc

11: cd /usr/local/rvm/gems/ruby-2.2.4@global/bin
    echo "export PATH=$(pwd):\$PATH" >> ~/.bashrc

12: cd /usr/local/rvm/rubies/ruby-2.2.4/bin
    echo "export PATH=$(pwd):\$PATH" >> ~/.bashrc

13: cd /usr/local/rvm/bin
    echo "export PATH=$(pwd):\$PATH" >> ~/.bashrc


Popular Posts


REPRODUCE OF THE VULNERABILITY =): Collaboration: silentsignal

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1


Donate if you are not shame!