The CTF365 lessons are based on the OWASP Top 10 vulnerabilities, which are still valid in 2020. The following are the lessons provided by CTF365. Let me tell you, they are not only a top 10; the list is a top 11, and please note they are not in any particular order. You can signup security […]
Starting with masscan, port 53 is open, which is for DNS. Let's see if we can transfer zones. We discovered the cronos.htb and admin.cronos.htb domains. Insert the following in the /etc/hosts file. Browse both domains …. and admin domain. Tried a few common techniques to enter/bypass the login, like admin/admin, guest/guest, etc., and finally tried SQLi, which worked. […]