
Ethical Hacker, Dream chaser.

Hello everyone, let’s solve Advent of Cyber 2 on TryHackMe.

Advent of Cyber is a beginner-friendly challenge designed for beginners who are looking to improve their skills. It’s a 25-day challenge. Now let’s begin.

Web Exploitation: A Christmas Crisis

OK, let’s begin. I’m using macOS as my attacker machine, so I’ve connected to TryHackMe via OpenVPN. Now let’s begin DAY-1.

Let’s fire up Firefox and Burp Suite. This is what the webpage looks like.


Hello everyone. After a long time, I’m writing this writeup. This one is from TryHackMe. For this room, we need to have a little bit of knowledge of steganography. So let’s begin the hunt. Basically this is a beginner-friendly room. In my opinion it is very easy to solve.

I’m using Kali Linux as my attacker machine, connected through VPN to TryHackMe.

First things first, let’s find the open ports and services that are running.

This scan gave us some open ports, along with the services that are running and their versions.


Hello guys, welcome back. Today we are going to solve one of the easiest OSCP-like machines. It is from Hack The Box and here is the So let’s get started. First things first: for this machine you need to have knowledge of SQLi and kernel vulnerabilities.

I’m using Kali Linux as my attacker machine. So let’s begin.

One of the most important stages in pentesting. Now let’s enumerate the machine. First, let’s find the open ports and services that are running.


Hello everyone, let’s solve one of the hard-rated machines. It’s none other than Internal. I don’t know why they rated it as the hardest one; it is very easy to solve. For this, you need to have a little bit of knowledge of WordPress, tunneling and brute-forcing. That’s it, let’s solve.

→jenkins

Now let’s begin with an Nmap scan. By the way, I’m using Ubuntu as my attacker machine. OK, let’s begin.

I’m using Nmap to find some interesting ports.

OK. There are only two ports open. SSH and Apache httpd are running on 22 and 80. The …


Hello everyone, let’s solve the Overpass series. The Overpass series is one of the best machines I ever solved. OK, let’s begin.

This is the first machine in the Overpass series. It is rated as easy to solve. It comes with two flags.

Let’s begin.

I’m using Ubuntu as my attacker machine…

First, let’s find the open ports and their versions by using Nmap…

OK, we got two ports open: 80 and 22.

Let’s find any interesting things on that website.


Hello everyone, let’s solve some SQL injection challenges from the root0x00 altervista site. Click here to solve along with me. If you are new to SQL injection, please read my blog before reading this.

We’ll be solving manually without using sqlmap. So let’s begin…

First things first, it is very easy to solve. First, let’s assume the query.


Hello everyone, let’s solve colddBox. It is a very easy CTF. For this we need to know about WordPress. Let’s begin.

Let’s begin with Nmap.

Only one port is open, so it’s a WordPress site. Let’s enumerate the themes, plugins and users. Let’s call WPScan to do it.


Hello everyone, let’s learn about SQL injection from beginner level to advanced level. Firstly, learning SQL injection requires a lot of patience and a little bit of knowledge of the SQL language. Let’s begin.

SQL injection is a vulnerability caused by a programming error that many developers make. It is a basic attack technique used to retrieve data from the backend database by sending SQL queries to the server; put another way, it extracts unauthorized data by forcing the server to display it.

→Nowadays, many companies consider SQL injection a critical vulnerability and…


Hello everyone, let’s solve the TryHackMe Advent of Cyber Day-4 stuff. It’s very easy to solve. So let’s begin.

OK, this is what the webpage looks like. But there is nothing here, so let’s check for hidden directories. I’m using DirBuster to brute-force the directories.


Hello everyone, let’s hack some Android phones by using an APK created by me. For this we need to create an APK using msfvenom and send it to the victim’s phone. This is the basic method to hack an Android phone.

Disclaimer:

THIS IS FOR EDUCATIONAL PURPOSES ONLY. I’M NOT RESPONSIBLE FOR THE THINGS YOU DO. PLEASE USE THIS FOR GOOD.

STEP-1:

Our first step is to create a payload to send to the victim. The payload may be a PDF, image, APK, XML or DLL. To hack Android, I’m going to create an APK. For this we can use backdoor-apk, FATRAT, Veil-Evasion, msfvenom, etc.

For this writeup, I’m going to use msfvenom. In …

Sampath Pendurthi
