It looks like we are given a replica site of what the attacker had attacked dumping the gift list. We will need to see what is on port 8000 and try to dump the database. First we need to locate the website, so let’s run an Nmap scan against our target. nmap -p- -T4 10.10.1.129 READ MORE
Author: wkbrdr8522
Day 4 (Task 9) Santa’s Watching– Advent of Cyber 2 TryHackMe
Today we will be looking at how to enumerate an HTTP server. The goal is to find hidden directories and map out the site. Sometimes there are juicy URLs that you visit to find sensitive information. First let’s run a quick Nmap scan against our target. I will use the -T4 option to scan faster READ MORE
Day 3 (Task 8) Christmas Chaos – Advent of Cyber 2 TryHackMe
Today we will be looking at web exploitation. Burp Suite is a the go to when performing web application testing. This tools allows you to intercept requests and modify them before being sent to the website. There’s a lot of useful other features to such as brute forcing web forms or automating searching for directories. READ MORE
Day 2 (Task 7) The Elf Strikes Back! – Advent of Cyber 2 TryHackMe
The goal of this challenge will be to gain access to an uploads page and then get a reverse shell. A reverse shell is when you execute code on a target machine and it calls back to your attacker machine. We are given an ID number of ODIzODI5MTNiYmYw. We will need to make a GET READ MORE
Day 1 (Task 6) A Christmas Crisis – Advent of Cyber 2 TryHackMe
Welcome to my walk through series of TryHackMe’s Advent of Cyber 2 room. Let’s Nmap our target to discover open ports. nmap -p- -sV -T4 –reason 10.10.37.154 Since we know port 80 is open let’s our target in our web browser. http://10.10.37.154 Looks like we have a login page. Let’s register an account using the READ MORE
Tenda Router IoT Hacking
Today we are going to take apart an old router and see what the insides look like. Then hopefully we will find something like JTAG or UART that we can connect to over USB and read some data off the router. JTAG, named from the Joint Test Action Group, is used for computer interaction with READ MORE
TryHackMe Mr. Robot CTF
Welcome to my walk through of Mr. Robot CTF on TryHackMe. I had a lot of fun with this machine and learned some new tricks. First off let’s start off by nmaping the machine. I always start off with all the ports and then go back and scan them for services. nmap -T4 -p- 10.10.210.193 READ MORE
A Journey Through eLearnSecurity’s Penetration Testing Student Course
I have some background in IT and security, with a dream of becoming a penetration tester. I currently work in vulnerability intelligence, and have a lot of exposure to what vulnerabilities exist in software. From here I determine the risk it poses to the company by understanding the way an attacker would exploit the vulnerability, READ MORE
Traverxec on HackTheBox
For all the machines I do, I always start off with an nmap scan. First a quick port scan and then a detailed port scan.I start off by using nmap -p- -T4 10.10.10.165This shows us that we have two ports open, 22 and 80. On hack the box we don’t need to brute force SSH, READ MORE
Starting Off
The goal of this blog is to start working through Hack The Box machines and providing write-ups that will help others learn about hacking. Here we will walk through various machines detailing out how to go from no access to becoming root!