Exploit XXE Vulnerability Using Excel File

From my last article, we can exploit XXE using Docx file. Now lets build exploit XXE vulnerability using Excel file. Exploit XXE Vulnerability Using Excel File? Microsoft released OOXML Document, OOXML Presentation and OOXML Workbook in 7 December 2006. Source: Wikipedia. So, what is Office Open XML? Office Open XML, also known as OpenXML or


Exploit XXE Vulnerability Using Docx File

Today, I found a vulnerability on a server which is has feature upload for docx file. I will try to explain how to exploit XXE vulnerability using docx file and how to find this vulnerability. So.. What is XXE Vulnerability? An XML External Entity attack is a type of attack against an application that parses


VulnHub - Bulldog 1 Walkthrough

In this weekend, I will try to write a walkthrough to the VulnHub Bulldog 1. You can download this CTF VM on VulnHub’s website. First, I need to find some open port on the target machine.

I got 3 open ports on the target machine. Now let’s find out what services are running on


How to Install Fiddler on Kali Linux

Fiddler is a free web debugging proxy which logs all HTTP(s) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy like IE, Chrome, Safari, Firefox, Opera and more. Fiddler could be easily manipulate and edit web sessions. All you need to do is set


How To Split Linux Terminal

Hi folks, Sometimes we want to run a command while inspecting the results. Here is the tips how to split linux terminal by using screen. First activate screen :

Split terminal horizontally :

Split terminal vertically :

Activating window :

Move between window :

Thats how to split linux terminal.