Start with nmap. Only two ports are open. Nmap reveals the SSH and HTTP versions. Let's use gobuster. We found that the server is hosting Torrent Hoster. Check whether we can find any vulnerability using searchsploit. Found one, but not sure how it works. Send me the link on how to use it in the comments. In […]

hackthebox linux machine

Start the hack with nmap. We see that port 21 is open. Let's search for the version in searchsploit. The FTP is vulnerable and we could get the RCE but for some reason, it didn’t work. Moving on to Samba. Let's use smbmap. We have access to the tmp. Again, using smbclient to explore further. […]

Start the hack with nmap. Check if we have anonymous access or not. Nice, we have anonymous access. Further, check if we can write there or not. I have already tested it and it came back positive. HTTP shows the server has IIS installed. We can upload the ASPX webshell from FTP and try to access it from […]

In a CTF, after you get a shell you may want to see if you can upgrade to a full TTY shell. You can find many IppSec videos on YouTube doing this. First, see if Python is available or not.

If it is available, type the following command to get a bash shell. There is another post […]

After installing Letsencrypt SSL according to the https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate article, you need to renew the certificate later. To renew the certificate, do the following: Log in to the server as root.

Change directory to the Zimbra Letsencrypt SSL folder.

Copy the new SSL files to the Zimbra Letsencrypt folder, then change the owner to Zimbra.

Add the X3 root certificate to our […]

BACKUP!! BACKUP!! BACKUP!! Make sure you back up regularly, or at least ask your clients to take a clean backup of the website. Change Password: After your website gets hacked, the first thing to do is to make sure that you change passwords, i.e. cPanel, database, wp-admin, etc. Replace Files/Folders: 1. Rename the public_html folder to something else […]

Japanese seo in google

Ever encountered unknown PHP code injected at the top of your index.php file? I have the same issue on my WordPress website, where some unknown PHP scripts were injected at the top of the index.php file. Below is a sample of that PHP code:

So, the next thing to do to get rid of this is to delete the injected code […]

Apache – Prefork or Worker. What are MPMs? An MPM modifies the basic functionality of the Apache server related to its multi-thread and multi-process style of working. It must be built into Apache at compilation with the http_core and mod_so modules. Only one MPM can be loaded into the server at any time. Apache 2.x supports pluggable concurrency models, […]

Follow the steps below to restore a WordPress website that has been compromised. These steps will help you restore your WordPress website without any cost. Compress the entire remote site's files from cPanel and download them to your local machine. Delete everything in the ‘public_html’ folder. Change the FTP, cPanel, email account and MySQL passwords. Unzip local site and scan […]