[security] File upload

The lab uses metasploitable. This lab gives awareness of file upload vulnerability, there are three levels of security - low, medium and high, the objective is to try to upload a forward shell code then connect to it to gain the server access. Low security This is the php code of low security file upload: … Continue reading [security] File upload

[python]Argparser

I do not like to write a python cli that accepts argument as I am an advocate of using wizard style to guide user on how to configure things easily. But it seems the time has come for me to write a CLI script in python, and in order to provide usage guide and data … Continue reading [python]Argparser

[python] Improving get_project_dirs method of SSHClient subclass

I noticed I did not have enough testing on my code for getting directories under base project directory. This is part of the code snippet of my SSHClient subclass: The problem The method gets all things under the base directory that is files and directories, that is because I have sliced and diced too much … Continue reading [python] Improving get_project_dirs method of SSHClient subclass

[python]Dissecting AggregatedResult

I felt it is worth to take some of my sleeping time to document how to dissect AggregatedResult object after a nornir task is executed. napalm_get with getters=["config"] This are my user inputs: example: After nornir task is executed an AggregatedResult object which looks like below: AggregatedResult is a dictionary like object, in this example … Continue reading [python]Dissecting AggregatedResult