In ctf after you get a shell you may want to see if you can upgrade to a full tty shell. You can find many ippsec videos on youtube doing this. First see if there is python or not $ which python If it is available, type following command to get bash shell. There is […]
Want to join ESET as a pentester?
As the title says do you want to join ESET? There is an ESET link where you can prove your skill and send the report to [email protected] . In this post I will share some of the challenges write up. Do not follow if you seriously want to solve this by yourself. *Tests are done […]
Cybertalents – threat con ctf 2019 – online now writeup
So this one was 200 points hard challenge. I guess only one guy was able to do it. I was a little bit disappointed that I was not able to do it on time. Anyway here is the writeup. Let us begin with the URL, the URL for the challenge was http://35.224.115.104/onlinenow/ which is as […]
Protected: hackthebox networked walkthrough
There is no excerpt because this is a protected post.
Protected: heist hackthebox walkthrough
There is no excerpt because this is a protected post.
hackthebox jerry walkthrough
Starting with nmap We have only port 8080 open with Tomcat Click on Manager App Use default credentials tomcat/s3cret We will create a war file and try to get a shell Upload it from manager and access it http://10.10.10.95:8080/shell/ We will get the shell We can now read the flag
hackthebox bounty walkthrough
Starting with nmap port 80 shows just a picture named merlin.jpg. Possibly a user in the box. Doing gobuster and scanning with .aspx extension we get two things of interest. First transfer.aspx where we can upload files and second UploadedFiles where we get to access the files we uploaded. Doing enumeration, we find that we […]
hackthebox optimum walkthrough
Starting with nmap Port 80 is HFS, If we try to login then we will get an unauthorized error. Following is the screenshot. Using searchploit to find if there is any vulnerabilities related to HFS Cloning one with Remote Command Execution There are two things we should do before running above python script. First is […]
hackthebox blue walkthrough
Starting with nmap Checking the smb We can check further in Share and Users. Searching if any vulnerability is present using searchploit EternalBlue seems to be interesting. There is a Github repo to exploit this automatically. Let’s clone the repo Then follow the README and generate shellcode This will make sc_all.bin shellcode. Now run the […]
hackthebox legacy walkthrough
Starting with nmap smb port 445 is open and the machine is XP….legacy Searching on the internet, xp is affected by ms08-067, CVE-2008-4250 Further python exploit is available for this. We can download it from here. First of all we need to change the shellcode in the script. For this we are going to generate […]
hackthebox nineveh walkthrough
Starting with masscan Two web ports are open with SSL and without SSL. Lets explore without SSL (port 80) first. To start with we will try gobuster We found one directory /department. Browse it Hmm a login page, we can try few login details like admin/admin, guest/guest, admin/password, etc. But in this case none worked. […]