There is no excerpt because this is a protected post.
hackthebox – popcorn – linux
Start with nmap Only two ports are open. Nmap reveals SSH and HTTP version. Lets use gobuster. We found that the server is hosting torrent hoster. Check if we find any vulnerability using searchpolit. Found one, but not sure how it works. Send me the link on how to use it in the comment. In […]
hackthebox – lame – linux
Start the hack with nmap We see the port 21 is open. Lets search for the version in searchploit The FTP is vulnerable and we could get the RCE but for some reason, it didn’t work. Moving on to samba. Lets use smbmap We have access to the tmp. Again, using smbclient to explore further. […]
hackthebox – devel – windows
Start the hack with nmap Check if we have anonymous access or not. Nice, we have anonymous. Further, check if we can write there or not. I already have tested and it came positive. HTTP shows the server has IIS installed. We can upload the aspx webshell from FTP and try to access it from […]
How to install multiple WordPress plugins at once?
As a server admin there is a time when you want to install fresh copy of WordPress plugins at once. This might be time consuming if we install them one by one from WordPress dashboard. Even downloading each plugins one by one and uploading them to server at once is waste of time. Here is […]
nmap scan (windows machine)
While doing pentest it is important that you know the service that end machine is running. No matter what the victim machine OS (Linux/Windows) is we can use nmap to reveal the open ports and services. Lets start by doing simple nmap: If you do nmap and IP only then it will show above result […]
Auto migrate process using msf
Manual migration of process to another process might become hasslesome. After you get reverse shell you can automatically migrate the process using post exploitation script. We can do it as following. By the bing by the boom your process will automigrate 😉
Hacking windows shares
First of all lets check if share is enable or not by using nmap scan. Here, port netbios port 139 is open. Now, checkout the shares name. For this we have tool in kali linux called `smbclient`. where, -L will get a list of shares available on a host So, we have number of shares […]
Upgrade to a full tty shell
In ctf after you get a shell you may want to see if you can upgrade to a full tty shell. You can find many ippsec videos on youtube doing this. First see if there is python or not $ which python If it is available, type following command to get bash shell. There is […]