If you think October is only the spooky month, well you’re wrong! October is also known as Cyber Security Month!.
To celebrate the month, HackTheBox renewed their Starting-Point which is a path for beginner that want to start hacking to learn. And I must say it is very well made.
…
Okay so its the year 2021 and we’re almost in 2022. And technology has been evolving much more and we’re more reliant on communicating online using our accounts. …
A box on Proving Grounds focusing more on enumeration! If in-doubt just enumerate!!
We scan the network and found that the target is running an Apache web-server. Further enumeration of the web-server reveals that there is an unprotected upload functionality which allowed an attacker to upload malicious file which leads…
Hi amazing hackers from around the world, back again with another write up of a box. This time it’s from OffSec’s Proving Grounds. If you would like to check out more write ups please do check my GitLab repository
PORT STATE SERVICE VERSION
22/tcp open ssh…This room is more focused on PostgresSQL on how misconfiguration could lead to Remote Code Execution.
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)…Hello all, It’s been a while since I posted, I’ve been hanging out on Portswigger and learning stuff. I’ve been lazy but I’ve been documenting what I do on my gitlab. If you’re interested, check out my GitLab.
We are Spice Hut, a new startup company that just made it…
Created by ustoun0
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 44:ee:1e:ba:07:2a:54:69:ff:11:e3:49:d7:db:a9:01 (RSA)
| 256 8b:2a:8f:d8:40:95:33:d5:fa:7a:40:6a:7f:29:e4:03 (ECDSA)
|_ 256 65:59:e4:40:2a:c2:d7:05:77:b3:af:60:da:cd:fc:67 (ED25519)
80/tcp…A TryHackMe room made by zyeinn featuring a lot of stuff!
Port 80 and 22 is open
After a full port scan, it reveals port 8765 is also open.
After running Gobuster, I checkout the directories and found interesting stuff in custom/js directory.
mobile.js
users.bakUsing CrackStation, the hash in…
A room on TryHackMe created by TheCyb3rW0lf featuring a Windows machine.
https://www.secureauth.com/labs/open-source-tools/impacket/
https://hashcat.net/wiki/doku.php?id=example_hashes
https://github.com/Hackplayers/evil-winrm
https://forum.hackthebox.eu/discussion/2749/getnpusers-py-explained-video…
A room on TryHackMe created by TheCyb3rW0lf featuring various services to exploit.
…
