Category: Hacking
-
Funbox : EasyEnum
https://www.vulnhub.com/entry/funbox-easyenum,565/ Review Enumeration Run an nmap scan to find open ports. Port 80 Run a gobuster scan to find hidden directories. robots.txt secret/ mini.php/ In this mini shell we are able to upload files. Let’s upload a php reverse shell and execute it. Foothold Access gained. In the home directory there are the following…
-
Reverse Engineering : Mathematical Functions
Let’s create a simple program to see how the code is disassembled. Disassemble the program in IDA Pro.
-
NoraCodes crackme02
https://github.com/NoraCodes/crackmes This crackme is similar to the previous one, but the password can’t be seen with ltrace or strings. Test out the program Use ltrace Use strings Use IDA Pro to analyze the file. Password is hard coded Test out the password.
-
Reverse Engineering : Variables Initiation
Let’s create a simple program to see how the code is disassembled. Disassemble the program in IDA Pro. Space is allocated for each variable and the values are then moved to the allocated spaces.
-
Funbox : Rookie
https://www.vulnhub.com/entry/funbox-rookie,520/ Review Enumeration Run an nmap scan to find open ports. Port 80 Run a gobuster scan to find hidden directories. /logs/ gives us not found. FTP login Found some clues. Let’s use john to crack the zip files. The zip files contain the private keys. Foothold We are able to gain access via…
-
Funbox : Easy
https://www.vulnhub.com/entry/funbox-easy,526/ Review Enumeration gives us multiple pathways Use default credentials to gain access to an online bookstore Add a book that has a php reverse shell attached Once user access is gained, a password file is stored in the open SSH to the user and check for sudo permissions. Use GTFOBins to find for…
-
Vegeta: 1
https://www.vulnhub.com/entry/vegeta-1,501/ Review Enumeration uncovers hidden directories Check all the way to the bottom for clues Decode file and look out for double encoding Use a more thorough enumeration if stuck Decode a morse code to find clues Check bash_history to find clues Enumeration Run an nmap scan to find open ports. Run a…
-
Infosec Prep: OSCP
This machine was created for the InfoSec Prep Discord Server
-
HTB : Armageddon
https://app.hackthebox.com/machines/Armageddon Review Find service version through enumeration Metasploit exploit will give a web shell Database credentials are stored openly Use mysqldump to dump password hashes Cracked hashes give the password for SSH login Able to run snap install without root Utilize dirty sock exploit to create an account and switch to root user without password Enumeration…
-
CTFLearn : Adoni Assembler Chall
https://ctflearn.com/challenge/1026 Test the program Analyze View the source code The _printflag function is not referenced in the _start function, hence the flag will not be printed. Edit the _printflag function into the _start function. Test the program
-
HTB : Nibbles
https://app.hackthebox.com/machines/Nibbles Review Directory enumeration reveals hidden information Login page credentials are simple RCE can be done from plugins Privilege escalation can be achieved by editing a monitor script Enumeration Run an nmap scan to find open ports. Port 80 View source gives a clue. Run a gobuster scan to find hidden directories. Main site…
-
CTFlearn: Reykjavik
https://ctflearn.com/challenge/990 Determine the file type Use the file command to determine the file type Test the program Strings Use strings to print the sequences of printable characters in files Analyze Disassemble the program Using Ghidra we can see that the program utilizes the strcmp function with the user input and the flag. Use GDB-Peda to analyze the…
-
API Testing Lab setup
Tools Burpsuite Postman mitmproxy2swagger Git Docker Go JWT Kiterunner Arjun Zaproxy Burpsuite Download jython Install Autorize in Burpsuite extender Postman Download postman sudo tar -xvzf postman-linux-x64.tar.gz -C /opt Create a postman account cd /opt mitmproxy2swagger sudo pip3 install mitmproxy2swagger Git sudo apt-get install git Docker sudo apt-get install docker sudo apt-get install docker-compose GO sudo…