Exam Tips
Turn on database log
Turn on the MySQL general query log to find potential SQL injection points.
sudo nano /etc/mysql/my.cnf
[mysqld]
...
general_log_file = /var/log/mysql/mysql.log
general_log = 1
sudo systemctl restart mysql
sudo tail -f /var/log/mysql/mysql.log
Deserialization
https://hacktricks.boitatech.com.br/pentesting-web/deserialization
.NET deserialization
ysoserial.net
Magic chars for .NET serialization: the value starts with something like AAEAAAD
Java deserialization
ysoserial java
Python deserialization
Pay attention to the pickle and jsonpickle libraries
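Added example (not part of the original notes): a Python check that flags base64 values in request data whose decoded bytes start with a serialized-object header. It goes beyond the AAEAAAD tip by also matching the Java stream header and pickle protocol 2+ framing; the function names and the sample cookie are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# Header bytes of each format. The .NET one base64-encodes to "AAEAAAD/////",
# the marker from the notes; the Java and pickle markers are additions here.
SIGNATURES = {
    ".NET BinaryFormatter": bytes.fromhex("0001000000ffffffff"),
    "Java ObjectOutputStream": bytes.fromhex("aced0005"),
}
# Runs of base64/base64url characters long enough to hold a header.
B64_RUN = re.compile(r"[A-Za-z0-9+/_-]{12,}={0,2}")


def identify(raw):
    """Return the serialization format whose header starts `raw`, else None."""
    for name, magic in SIGNATURES.items():
        if raw.startswith(magic):
            return name
    # Pickle protocol 2+ opens with PROTO (0x80) + version and ends with STOP (".").
    if len(raw) > 2 and raw[0] == 0x80 and 2 <= raw[1] <= 5 and raw.endswith(b"."):
        return "Python pickle"
    return None


def scan(text):
    """Return (format, first 16 chars) for each base64 run in `text`
    (a cookie, header or form field) that decodes to a serialized object."""
    hits = []
    for run in B64_RUN.findall(unquote(text)):
        token = run.rstrip("=").replace("-", "+").replace("_", "/")
        token += "=" * (-len(token) % 4)  # restore padding stripped in transit
        try:
            raw = base64.b64decode(token)
        except (binascii.Error, ValueError):
            continue  # not valid base64 after all
        fmt = identify(raw)
        if fmt:
            hits.append((fmt, run[:16]))
    return hits


if __name__ == "__main__":
    # Constructed sample: the .NET header plus filler bytes, not a real object.
    blob = base64.b64encode(SIGNATURES[".NET BinaryFormatter"] + b"\x01\x00\x00\x00")
    print(scan("Cookie: state=" + blob.decode()))
```

Pickle protocol 0 and 1 streams have no fixed header, so this check does not catch them.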
Run a .NET project on Linux
- Create a new console project:
dotnet new console -o MyApp
cd MyApp
- Replace the default Program.cs with your code file
- Run the application:
dotnet run