临渊羡鱼

Wildcard Gone Wild：Unix 通配符攻击-译

Posted on 2025-09-30 Edited on 2025-10-01 In How It Works-临渊羡鱼 , tricks

看似无害的 *，在以 - 开头的文件名面前会变身成危险参数。Leon Juranic的这篇文章讲解了 chown/chmod/rsync/tar 的通配符注入链路并解释其原理。

OSCP认证总结

Posted on 2025-05-03 Edited on 2025-10-02 In What We Got-臭鱼烂虾 , OSCP

从2024年10月份开始学习到25年4月初通过考试，总计花费5个月时间，本文是我对OSCP考试经历的总结分享

Proving Grounds Practice - Slort

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Slort打靶过程记录

Proving Grounds Practice - Access

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Access打靶过程记录

Proving Grounds Practice - Austronaut

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Austronaut打靶过程记录

Proving Grounds Practice - AuthBy

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中AuthBy打靶过程记录

Proving Grounds Practice - Blackgate

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Blackgate打靶过程记录

Proving Grounds Practice - Codo

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Codo打靶过程记录

Proving Grounds Practice - Craft

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Craft打靶过程记录

Proving Grounds Practice - Exfiterated

Posted on 2025-03-11 Edited on 2025-09-30 In What We Do-三天打鱼 , OSCP , PG Lab

Proving Grounds Practice Lab中Exfiterated打靶过程记录