Exam Tips

Turn on database log

Turn on the MySQL general query log to see the exact statements the application sends to the database and find potential SQL injection points.

sudo nano /etc/mysql/my.cnf

[mysqld]
...
general_log_file        = /var/log/mysql/mysql.log
general_log             = 1

sudo systemctl restart mysql

sudo tail -f /var/log/mysql/mysql.log

Deserialization

https://hacktricks.boitatech.com.br/pentesting-web/deserialization

.Net deserialization

ysoserial.net

Magic characters for .NET serialization: a Base64 value that starts with something like AAEAAAD

Java deserialization

ysoserial java

Python deserialization

Pay attention to the pickle and jsonpickle libraries.
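
An added example (not part of the original notes) that generalizes the AAEAAAD hint above: it decodes a parameter or cookie value and checks the leading bytes for .NET BinaryFormatter, Java serialization or Python pickle data. The Java and pickle signatures come from those formats themselves rather than from this page; `classify` and the sample values are constructed for illustration.

```python
import base64
import binascii
from urllib.parse import unquote

# Leading raw bytes of each format (assumption: taken from the formats, not from this page).
SIGNATURES = {
    ".NET BinaryFormatter": bytes.fromhex("0001000000ffffffff"),  # Base64: AAEAAAD/////
    "Java serialization": bytes.fromhex("aced0005"),              # Base64: rO0AB
}

def _decode_base64(value):
    """Decode standard or URL-safe Base64, tolerating stripped padding."""
    text = value.strip().replace("-", "+").replace("_", "/")
    text += "=" * (-len(text) % 4)
    try:
        return base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None

def _looks_like_pickle(data):
    # Protocol 2+ pickles start with PROTO (0x80) plus a version byte and end with STOP ('.').
    return len(data) > 2 and data[0] == 0x80 and 2 <= data[1] <= 5 and data.endswith(b".")

def classify(value):
    """Return the serialized format a parameter value appears to carry, or None."""
    candidates = [value.encode("latin-1", "replace")]
    decoded = _decode_base64(unquote(value))  # undo URL encoding, then Base64
    if decoded is not None:
        candidates.append(decoded)
    for data in candidates:
        for name, magic in SIGNATURES.items():
            if data.startswith(magic):
                return name
        if _looks_like_pickle(data):
            return "Python pickle"
    return None

if __name__ == "__main__":
    # Constructed sample values, not captured from any real application.
    for sample in ("AAEAAAD/////AQAAAAAAAAA=", "rO0ABXNy", "alice"):
        print(sample, "->", classify(sample))
```

jsonpickle output is plain JSON and has no magic prefix, so this check does not cover it.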

Run .Net project in Linux

  1. Create a new console project:

dotnet new console -o MyApp
cd MyApp

  2. Replace the default Program.cs with your code file.

  3. Run the application:

dotnet run