time to play level2@io:/levels$ ./level02 source code is available in level02.c let’s read what it says level2@io:/levels$ cat level02.c //a little fun brought to you by bla #include <stdio.h> #include <stdlib.h> #include <signal.h> #include <setjmp.h> void catcher(int a) { setresuid(geteuid(),geteuid(),geteuid()); printf(“WIN!\n”); system(“/bin/sh”); exit(0); } int main(int argc, char **argv) { puts(“source code is available in … Read More
after login to the ssh server levels located on /levels so let’s play level1 level2@io:/levels$ ls -alh level01 -r-sr-x— 1 level2 level1 1.2K Jan 13 2014 level01 as u notice it had suid permeation -r-sr-x— for level2 so it will lead us to a user (level2 ) level1@io:/levels$ ./level01 Enter the 3 digit passcode to enter: … Read More
let’s assume u have NGINX on port 80 apache on port 8080 in nginx config -> sever config -> virtualhost config location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.0.0.1:8080; }
GPG = Gnu Privacy Guard To secure file from unauthorised access with the password in Linux/Unix is very simple method 🙂 lets assume we have a secure file with some financials stuff called orders.xls and we want to email it to our partners and we want to get sure just he is the only one … Read More
we do create many databases every day and i love UTF-8 data formate so i decided to make something simple and save my time here is the syntax to create a database called unixawy in utf8 CREATE DATABASE `unixawy` CHARACTER SET utf8 COLLATE utf8_general_ci; to add a user for unixawy with password unixawysecret GRANT ALL ON … Read More
we all hate this ERROR 1045 (28000): the problem starts with “you can’t access and u will not be able to change the MySQL/MariaDB password while the service is running u have to disable it and run mysqld_safe which will allow u to update the user table inside MySQL database with no password then u will … Read More
Welcome to UNIXAWY. This is my first post. I made the blog to save someone time as someone saved my time 😉