Hello everyone,Let’s solve Advent of cyber 2 .TryHackMe
Advent of Cyber is an beginner Friendly challenge which are designed for beginners who are looking to improve their skills.It’s a 25 days challenge.Now let’s begin.
Web Exploitation:A Christmas Crisis
Ok let’s begin.I’m using macOS as my attacker machine.So,i’ve connected to TryHackMe by OpenVPN.Now let’s begin the DAY-1
Let’s fireup our firefox and burpsuite.This is how the webpage looks like.
Hello everyone.so,after a long time i’m writing this writeup.This one is from Tryhackme.For this room,we need to have little bit knowledge on stegno.So let’s begin the hunt.Basically this is a beginner friendly room.In my opinion it is very easy to solve.
i’m using kali linux as my attacker machine and connected through VPN to tryhackme
First things,let’s find the open ports and services that are running.
“nmap -sC -sV 10.10.104.210 -vv -oN scan”
This scan gave us some open ports and services and their versions that are running.
21/tcp open ftp syn-ack vsftpd 3.0.3
|_auth-owners: ERROR: Script execution failed (use -d…
Hello guys,welcome back,Today we are going to solve one of the easiest OSCP like machine.It is from hackthebox and here is the link.So Let’s get Started.First things First ,For this machine you need to have knowledge on sqli and kernel vulnerabilities.
I’m using kali linux as my attacker machine.So let’s begin.
One of the most important stage in pentesting.Now let’s enumerate the machine.First let’s find the open ports and services that are running.
“nmap -sC -sV <IP> -vv -oN scan”
Hello everyone,Let’s solve one of the hard rated difficulty machine.It’s none other than internal.I don’t know why they rated it as hardest one.it is very easy to solve.For this,You need to have a little bit knowledge on wordpress,tunneling and bruteforcing.That’s it Let’s solve.
Now Let’s begin with a Nmap scan.By the way,i’m using ubuntu as my attacker machine.Ok Let’s begin.
I’m using nmap to find some interesting ports.
“nmap -sC -sV <IP> -vv -oN scan”
Ok.There are only two ports open.ssh and apache httpd are running on 22 adn 80.The …
Hello everyone,Let’s solve overpass series.overpass series is one of the best machines i ever solved.ok let’s begin .
This is the first machine in overpass series.it is rated as easy to solve.It comes with two flags.
i’m using Ubuntu as my attacker machine……..
First let’s find the open ports and thier versions by using nmap…
“nmap -sC -sV <IP> -oN scan -vv ”
ok we got two ports open 80 and 22.
Let’s find any interesting things in that website..
we’ll be solving manually without using sqlmap.So let’s begin….
Integer Based SQL INJECTION:
First things first,it is very easy to solve.First let’s assume the query.
Hello everyone,Let’s solve colddBox.It is very easy ctf.For this we need to know about wordpress.Let’s begin.
Let’s begin with nmap
“nmap -sC -sV 10.10.120.238 -vv”
Only one port is open .So its a wordpress site.so let’s emunerate the themes,plugins and users.Let’s call wpscan to do it .
“wpscan — url http:MachineIP — enumerate at,ap,u”
Hello everyone,Let’s learn about sql injection from beginner level to advanced level.Firstly,To learn sql injection a lot of patience is required and a little bit knowledge about SQL language.let’s begin.
SQL Injection: SQL injection is a vulnerability due to error done by many of the programmers.So, basically sql injection is a basic attacking strategy which is used to retrieve the data from the backend database by sending some sql queries to the server (or) we can also say,extracting the unauthorized data by forcing the server to display it.
→Now a days,Many companies considered SQL injection as a critical vulnerability and…
Hello everyone,Let’s solve TryHackMe Advent Of cyber Day-4 Stuff.It’s very easy to solve.So let’s begin.
Ok this is how the webpage looks like.But there is nothing here. So let’s check for the hidden directories.I’m using dirbuster to bruteforce the directories.
Hello everyone,Let’s Hack some android phones by using an Apk created by me.So,For this we need to create an apk using msfvenom and send it to the victim’s phone.This is the Basic Method To hack an Android phone.
THIS IS FOR EDUCATIONAL PURPOSE ONLY.I’M NOT RESPONSIBLE FOR THE THINGS YOU DO.PLEASE USE THIS FOR GOOD.
Our First is to create a payload to send it to the victim,The payload may be a pdf,image,apk,xml or DLL.To Hack android i’m going to create a apk.For this we can use backdoor-apk,FATRAT,veil-evasion,msfvenom…etc…,
For this writeup,i’m going to use msfvenom.In …