Yang Hao's blog
2025-01-24T10:24:10.753Z
https://yanghaoi.github.io/
YangHao
Hexo
Combining PHP filters and CVE-2024-2961: From File Read to RCE
https://yanghaoi.github.io/2024/12/04/phpfilters-he-cve-2024-2961-cong-wen-jian-du-qu-dao-rce/
2024-12-04T06:27:20.270Z
2025-01-24T10:24:10.753Z
<h2 id="1-简介"><a href="#1-简介" class="headerlink" title="1. Introduction"></a>1. Introduction</h2><p> glibc (GNU C Library) is part of the GNU Project, and for Unix-based systems (such as Linux) it mainly provides
Reproducing Fastjson Deserialization Vulnerabilities
https://yanghaoi.github.io/2024/08/18/fastjson-lou-dong-chang-jian-wa-jue-he-li-yong-fang-fa/
2024-08-18T14:14:47.337Z
2025-01-24T08:04:58.161Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>Fastjson is a high-performance JSON library open-sourced by Alibaba, widely used in Java applications for
Persistence via Azure Attest Service
https://yanghaoi.github.io/2022/08/29/li-yong-azureattestservice-chi-jiu-hua/
2022-08-29T00:57:32.220Z
2022-08-29T02:48:32.111Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p><code>AzureAttestService</code> is, on installing <code>SQL
Building and Executing Windows Installer Packages
https://yanghaoi.github.io/2022/03/28/windows-installer-an-zhuang-bao-de-gou-jian-he-zhi-xing/
2022-03-28T12:12:43.906Z
2022-06-02T09:46:46.623Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>On Windows, Msiexec is used to run from the command line the Windows
360 Isolation Sandbox Escape
https://yanghaoi.github.io/2022/03/18/360-ge-chi-sha-xiang-tao-yi/
2022-03-18T07:15:09.220Z
2023-05-01T14:37:42.493Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01
Disabling Windows Defender by Manipulating the Registry with C++
https://yanghaoi.github.io/2022/03/07/tong-guo-c-cao-zuo-zhu-ce-biao-jin-yong-windows-defender/
2022-03-07T03:39:19.880Z
2024-08-18T12:23:59.978Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>While tidying up files recently, I found that my earlier disabling of <code>Windows
PHP Arbitrary File Upload: Bypassing Multiple Restrictions
https://yanghaoi.github.io/2021/11/24/php-ren-yi-wen-jian-shang-chuan-rao-guo-duo-chong-xian-zhi/
2021-11-24T02:46:26.349Z
2021-12-30T08:43:05.073Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01
DLL Hijacking Vulnerabilities
https://yanghaoi.github.io/2021/11/18/dll-jie-chi-lou-dong/
2021-11-18T08:10:41.850Z
2022-03-10T07:44:40.924Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01
Troubleshooting an HSTS Warning
https://yanghaoi.github.io/2021/11/03/yi-ci-hsts-jing-gao-de-pai-cha/
2021-11-02T18:18:06.422Z
2021-11-02T18:26:16.575Z
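<p>Recently, when visiting the blog, I found that the page was not rendering properly. After checking the network activity with F12, I found that the static resources loaded from Cloudflare were the problem: specifically, the browser showed an HSTS warning, while everything was normal when using a socks5 proxy (when using the socks5 proxy, DNS queries also go through the socks5 proxy):<br><img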
Redis Vulnerability Exploitation
https://yanghaoi.github.io/2021/10/09/redis-lou-dong-li-yong/
2021-10-09T10:56:39.491Z
2022-03-19T22:03:44.454Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>Redis
SSRF Vulnerability Basics
https://yanghaoi.github.io/2021/10/07/ssrf-lou-dong-ji-chu/
2021-10-06T17:16:12.129Z
2021-10-18T09:46:39.162Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>SSRF (Server-side request forgery) is a
XXE Vulnerability Basics
https://yanghaoi.github.io/2021/10/06/xxe-lou-dong-ji-chu/
2021-10-06T13:52:05.000Z
2024-07-04T04:59:32.640Z
<h2 id="0x01-前言"><a href="#0x01-前言" class="headerlink" title="0x01 Preface"></a>0x01
Configuring a Debugging Environment for the WebGoat Lab
https://yanghaoi.github.io/2021/10/05/webgoat-ba-chang-diao-shi-huan-jing-pei-zhi/
2021-10-05T13:52:05.000Z
2021-11-25T02:49:43.593Z
<h2 id="0x01-简介"><a href="#0x01-简介" class="headerlink" title="0x01 Introduction"></a>0x01 Introduction</h2><p>Select <a
CobaltStrike Traffic Disguise and Security Configuration
https://yanghaoi.github.io/2021/08/19/cobaltstrike-liu-liang-yin-cang-yu-an-quan-pei-zhi/
2021-08-18T18:06:24.926Z
2021-09-06T12:44:17.573Z
<h2 id="0x01-前言"><a href="#0x01-前言" class="headerlink" title="0x01 Preface"></a>0x01
PHPStorm + PHPStudy Debugging Configuration
https://yanghaoi.github.io/2021/07/27/phpstudy-phpstorm-de-dai-ma-diao-shi-pei-zhi/
2021-07-27T11:25:05.292Z
2021-11-02T18:19:37.727Z
<h2 id="0x01-简述"><a href="#0x01-简述" class="headerlink" title="0x01 Overview"></a>0x01
Cobalt Strike Plugins: Developing a CVE-2020-0796 Privilege Escalation Script
https://yanghaoi.github.io/2021/04/22/cobalt-strike-cha-jian-zhi-cve-2020-0796-ti-quan-jiao-ben-kai-fa/
2021-04-22T14:41:13.080Z
2021-04-22T15:21:56.503Z
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 Preface"></a>0x00 Preface</h2><p>CVE-2020-0796 (Windows SMBv3 Client/Server Remote
Reproducing the Windows Local Privilege Escalation Vulnerability CVE-2020-1313
https://yanghaoi.github.io/2020/10/09/windows-ben-di-ti-quan-lou-dong-cve-2020-1313-fu-xian/
2020-10-09T08:14:44.972Z
2021-11-02T18:21:22.654Z
<h4 id="1-前言"><a href="#1-前言" class="headerlink" title="1. Preface"></a>1.
Notes on a Simple Windows Privilege Escalation
https://yanghaoi.github.io/2020/09/06/ji-yi-ci-jian-dan-de-win-ti-quan/
2020-09-06T06:32:24.637Z
2023-05-01T14:38:10.342Z
<h4 id="1-前言"><a href="#1-前言" class="headerlink" title="1. Preface"></a>1.
Simple Source-Level Antivirus Evasion
https://yanghaoi.github.io/2020/08/30/jian-dan-de-yuan-ma-mian-sha/
2020-08-30T05:49:04.297Z
2023-05-11T07:37:33.142Z
<h4 id="1-前言"><a href="#1-前言" class="headerlink" title="1. Preface"></a>1.
Reproducing the Weblogic IIOP Deserialization Vulnerability CVE-2020-2551
https://yanghaoi.github.io/2020/08/22/weblogic-iiop-fan-xu-lie-hua-lou-dong-cve-2020-2551-fu-xian/
2020-08-21T18:12:53.460Z
2021-11-02T18:22:54.928Z
<h4 id="1-前言"><a href="#1-前言" class="headerlink" title="1. Preface"></a>1. Preface</h4><blockquote>
<p>On January 15, 2020, Oracle officially published the Weblogic