Hackthebox

Sense : Pfsense webserver exploit

Bashed : scriptmanager exploit

Armageddon : Drupal exploit

Active : Kerboros exploit

Netmon : PRTG RCE exploit

Nibbles : Nibbleblog exploit

Forest : Active Directory exploit

Previse : Web intercept exploit

Artic : Coldbox fusion exploit

Shocker : Shellshock exploit

Blocky : Password reuse exploit

Knife : PHP RCE

Irked : IRC exploit

Buff : Exploit using port forwarding

Mirai : IoT exploit

Networked : File Image exploit

Valentine : Heartbleed exploit

Devel : Windows RCE exploit

Beep : LFI enumeration and webmin exploit

Timelapse : Exploiting using SMB and PowerShell

Tier 0 : Starting Point Machine

Tier 1 : Starting Point Machine

Optimum : Windows 2012 R2 Server exploit

Return : Windows Printer service exploit

Jerry : Apache tomcat code execution exploit

Blue : Eternal Blue SMB exploit

Lame : Samba Username map script

Cap : Wireshark recon

Granny : IIS 6.0 Vulnerability code execution

Legacy : MS08-067 exploit

Grandpa : IIS 6.0 Vulnerability code execution

HTB : Sauna

Network Enumeration To begin our exploration of the network, let’s initiate an nmap scan in order to identify open ports. WEB Enumeration Use gobuster to find for directories. Cant find anything interesting in the directory enumeration. Port 80 In the about us section we find some potential users. Let’s take note of the names. SMB…

March 23, 2023

HTB : Timelapse

Network Enumeration To begin our exploration of the network, let’s initiate an nmap scan in order to identify all open ports. To gather more information about the network, we can use a detailed nmap scan. Add the domain name found from the nmap scan to /etc/hosts SMB Enumeration SMB null sessions are a type of…

March 21, 2023

HTB : Active

March 20, 2023

JSON IP Extractor

As a SOC analyst, clients often request certain IPs to be blocked or whitelisted. However, dealing with a large JSON file that contains various information including the necessary IP addresses can be time-consuming. To overcome this challenge, a straightforward Python script can be used to extract IP addresses from the JSON format and export them…

March 6, 2023

Persecure : my learning archive

Hackthebox

Hello! I’m a SOC analyst and cybersecurity enthusiast. In my free time, I enjoy practicing on CTFs and writing up about them.

HTB : Sauna

HTB : Timelapse

HTB : Active

VulnNet: Roasted

Attacktive Directory

JSON IP Extractor