Pinned Repositories
CVE-2021-41773-exercise
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and not earlier versions. Credits to: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773
Dockerfile-DockerHub
Info generali su Docker: dalla creazione di un'immagine al push su DockerHub
DSP_Repo
A template for Docker Security Playground projects
GIT_Challenge_1
GIT_Challenge_2
HTB-Secret-WriteUp
Write Up of HTB machine: Secret
smtp_user_enumeration-exercise
How to exercise with SMTP-Postfix user enumeration
telebob
vulnerable_docker_apache_2_4_49
Docker vulnerabile per scopi accademici con Apache 2.4.49.
vulnerable_docker_ftp_anonymous
Docker vulnerabile per scopi accademici con FTP con login anonimo.
m96dg's Repositories
m96dg/CVE-2021-41773-exercise
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and not earlier versions. Credits to: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773
m96dg/Dockerfile-DockerHub
Info generali su Docker: dalla creazione di un'immagine al push su DockerHub
m96dg/DSP_Repo
A template for Docker Security Playground projects
m96dg/GIT_Challenge_1
m96dg/GIT_Challenge_2
m96dg/HTB-Secret-WriteUp
Write Up of HTB machine: Secret
m96dg/smtp_user_enumeration-exercise
How to exercise with SMTP-Postfix user enumeration
m96dg/telebob
m96dg/vulnerable_docker_apache_2_4_49
Docker vulnerabile per scopi accademici con Apache 2.4.49.
m96dg/vulnerable_docker_ftp_anonymous
Docker vulnerabile per scopi accademici con FTP con login anonimo.
m96dg/vulnerable_docker_php_7
Docker vulnerabile per scopi accademici con Apache 2.4.25 in Debian su PHP 7.0.33.
m96dg/vulnerable_docker_smtp
Docker vulnerabile per scopi accademici con SMTP.
m96dg/WWDC2020_Playground_MassimoDiGuida
My journey to WWDC 2020 - No Winner