Privilege escalation, website takeover, DDoS attack, DNS hijacking
@Mikelaotoo
IIS7 website monitoring can promptly prevent and control website risks, quickly and accurately monitor whether a website is under various hijacking attacks, whether the website can be accessed normally nationwide (checking if the domain name is blocked), accurately detect DNS poisoning, and has a website loading speed test function. It can immediately identify whether a website has been hacked, compromised, had its title changed, or had malicious links added. A product striving for excellence, with zero defects provided!
Penetration testing (time-consuming, precise): Insufficient input/output validation, design flaws, environmental vulnerabilities, SQL injection, XSS, CSRF, directory traversal, file upload, code injection, command injection, information leakage, brute force attacks, privilege escalation vulnerabilities, unauthorized object references, business logic flaws, framework vulnerabilities, basic environment vulnerabilities. Information gathering --> Attack testing --> Privilege escalation --> Expansion.

Selection order (personal suggestion): Penetration DPI SDK SMS.

Penetration testing team, capable of penetration, backend access, server modification, intrusion, etc.
In CVE-2020-11651, an authentication bypass vulnerability allows attackers to bypass Salt Master's authentication logic by constructing malicious requests, thereby invoking unauthorized functions and enabling remote command execution.
@SunlightAllison
Due to recent work requirements, I needed to monitor some registered websites to find vulnerabilities, such as homepage hijacking, hidden links, and weak passwords. During this process, I discovered an interesting case that I'd like to share.

Upon opening the website, it displayed a 404 Not Found error, but the title indicated "Official Website." Examining the source code revealed malicious JavaScript.

It's clear that it checks the User Agent (UA) header. If the user accesses the website from a PC, it displays a 404 error; if they access it from a mobile phone, it redirects them to a legitimate gambling website, facilitating app downloads. The code primarily modifies webpage tags, which, in terms of XSS injection detection, resembles DOM-based injection (primarily examining the innerHTML).
👑Penetration of Designated Sites

1. Clients provide their website platform. Business personnel submit the site to our technical staff for scanning and evaluation. Our technical staff analyzes the site to determine its suitability and will inform you of the timeline and cost.

👑Research and Innovation
We provide platform development services for all gray-market industries and app development for legitimate industries.

We have a technical team and both black-hat and white-hat hackers. We are available throughout Southeast Asia for in-person and offline discussions.
The system design interview is considered to be the most complex and most difficult technical job interview by many.

This book provides a step-by-step framework on how to tackle a system design question.

It includes many real-world examples to illustrate the systematic approach with detailed steps that you can follow.
@SunlightAllison
Many people may not understand what remote code control can do. Look at the picture above; this is one of our compromised computers, belonging to a group leader in a Philippine-based overseas cryptocurrency scam. If you happen to be in the same industry, you can steal any data or scripts from their computer. You can monitor their Telegram work group and gradually obtain their customers, purchased followers, and backend account passwords. The most amazing step is that you can directly use this Telegram account to steal funds and USDT from people around them.
To make this attack more effective, the requested resource should be as large as possible; for example, the test image "test.png" in my example is over 4MB in size. If the target website doesn't have such a large resource, but supports HTTP pipelining, you can increase the returned content by requesting the same resource multiple times within the same connection. The captured data packets show that when requesting the "test.png" resource, the client's window size was intentionally set to 1120 bytes. After the client buffer was filled with data from the server, it issued a [TCP ZeroWindow] warning, forcing the server to wait. From the start of the interaction to its termination, the single connection took 14 seconds. (Captured data)
Understanding the JDK 8u20 Native Deserialization Vulnerability Through a Case Study

It can be observed that in the initial patch, the official approach used the second method discussed online, which changed the previous return statement to throwing an exception (a professional hacker service).
@SunlightAllison
The client requires no additional files; use it exactly as you would.

The image below shows login via AgScript.

As you can see, even with the correct password, login is unsuccessful. Only by entering the correct password and adding a valid 6-digit dynamic password after the nickname can you successfully log in. Professional hacking service. 24/7 top-tier service.
Financial investors are infiltrating domestic apps and overseas websites, hacking into backends, extracting databases, hijacking DNS, and gaining server access, among other things.
@SunlightAllison
"Network attack reflection technology," as a proactive defense technique, does not aim to cause substantial harm to the attacker. Instead, it aims to ensure the victim is protected from harm while preserving evidence of the attack, analyzing the attack, and obtaining firsthand intelligence. This, in turn, helps the victim improve their overall defense capabilities.
After executing the SQL statement, the record will be saved in shell.php.
Here we choose AX's Wi-Fi and begin capturing PMKID, a relatively new method from a few years ago used to crack WPA/WPA2 protocol passwords for wireless networks. Previous methods required attackers to capture the complete handshake packet when a user connects to the router. This new method, however, can obtain the PMKID by sending a request to the access point (AP) without a client, which can then be used for cracking. Furthermore, the researcher's article indicates that this attack works on all wireless networks that support and have roaming enabled, although it's unclear exactly how many routers it will be effective against.
@SunlightAllison
Checking the log status, it was found that "off" was not enabled, and the log save path was *@#*@*#@.log. It was discovered that the website is hosted using phpstudy, so the website path is under D:\phpstudy\www\.
Database backend privileges (get shell): Log in to the backend by brute-forcing weak passwords.
@SunlightAllison