We ❤️ FoodCyberSec

1. Dev Machine

SQL Injection
Broken Authentication
- Session Management
Broken Access Control
- Fail Authorization System
Security Misconfiguration
- PHP allows dangerous function.

2. Cry Cry Cry

Samba EternalBlue on Linux
- Broken Access Control

3. Query1

SQL Injection
- parameter is not validated
Security Misconfiguration
- Unchecked uploaded files
- PHP allows dangerous function
Privilege Escalation
- Reverse Engineering
- Sticky Bit

4. Query2

Security Misconfiguration
- MongoDB - Unauthenticated Remote Connections

5. Internal Threat

Security Misconfiguration
- LogStash is running as root
- Command injection
- PHP insecure
File Inclusion
- Null Bytes
Known Vulnarability
- Kibana CVE-2018-17246

6. Show Me The File

SQL Injection
Broken Authentication (Session Management)
Broken Access Control
Security Misconfiguration

7. EternalBlue (Windows 2008 R2)

MS17-010

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

We ❤️ FoodCyberSec

1. Dev Machine

2. Cry Cry Cry

3. Query1

4. Query2

5. Internal Threat

6. Show Me The File

7. EternalBlue (Windows 2008 R2)

About

Releases

Packages

babebbu/FIN_ACK_300-FinCyberSecTH2019-Hardening-WriteUp

Folders and files

Latest commit

History

Repository files navigation

We ❤️ FoodCyberSec

1. Dev Machine

2. Cry Cry Cry

3. Query1

4. Query2

5. Internal Threat

6. Show Me The File

7. EternalBlue (Windows 2008 R2)

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages