Category Archives: Ethical Hacking & Penetration Testing

Sauna – HackTheBox Walkthrough

Introduction: The purpose of this blog is to document the steps I took to complete hacking task of HackTheBox (https://www.hackthebox.eu/) machine that included capturing user and root flag of Sauna (https://www.hackthebox.eu/home/machines/profile/229). Resources/Tools Used: nmap smbclient Impacket’s GetNPUser.py script (https://raw.githubusercontent.com/SecureAuthCorp/impacket/master/examples/GetNPUsers.py) john evil-WinRM winPEAS mimikatz Process Followed: After connecting to HTB lab through VPN, started Sauna (10.10.10.175)Continue reading “Sauna – HackTheBox Walkthrough”

Silo – HackTheBox Walkthrough

Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Silo (https://www.hackthebox.eu/home/machines/profile/131) machine from HackTheBox (https://www.hackthebox.eu/). Resources/Tools Used: nmap smbclient Metasploit ODAT (https://github.com/quentinhardy/odat) evil-winrm volaility https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/tnspoison_checker https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/sid_brute https://github.com/quentinhardy/odat/wiki https://redteamtutorials.com/2018/10/24/msfvenom-cheatsheet/ Process Followed: After connecting HTB lab through VPN, started Silo (10.10.10.82) machine. To check the available services, scannedContinue reading “Silo – HackTheBox Walkthrough”

Kenobi – TryHackMe Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete THM’s (https://tryhackme.com/) room Kenobi (https://tryhackme.com/room/kenobi) hacking tasks. Resources/Tools Used: Nmap smbclient Netcat [Task 1] Deploy the vulnerable machine #1             This subtask requires you to deploy the machine. #2             Scanned the machine and found seven open ports. [Task 2] Enumerating Samba for sharesContinue reading “Kenobi – TryHackMe Writeup”

Injection – TryHackMe Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (https://tryhackme.com/)’s room Injection (https://tryhackme.com/room/injection) hacking tasks. Resources/Tools Used: Netcat https://linuxconfig.org/how-to-change-welcome-message-motd-on-ubuntu-18-04-server http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet [Task 1] Introduction & Deploy This task is mainly concerned with introducing the room scenario and deploying the machine. [Task 2] An Introduction To Command Injection This task gives anContinue reading “Injection – TryHackMe Writeup”

Monteverde – HackTheBox Walkthrough

Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Monteverde machine from Hack The Box (HTB). Resources/Tools Used: nmap smbclient enum4linux Metasploit evil-winrm winPEAS https://blog.xpnsec.com/azuread-connect-for-redteam/ https://github.com/Hackplayers/PsCabesha-tools/blob/master/Privesc/Azure-ADConnect.ps1 Process Followed: After connecting HTB lab through VPN, started Monteverde (10.10.10.172) machine. To check the available services, I scanned theContinue reading “Monteverde – HackTheBox Walkthrough”

Inclusion – THM Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (THM)’s room Inclusion hacking tasks. Resources/Tools Used: ssh https://gtfobins.github.io/gtfobins/socat/#sudo [Task 1] Deploy This is a beginner level room designed for people who want to get familiar with Local file inclusion vulnerability. #1 Deploy the machine and start enumerating No answerContinue reading “Inclusion – THM Writeup”

Ignite – TryHackMe Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (THM)’s room Ignite hacking tasks. Resources/Tools Used: searchsploit http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet netcat [Task 1] Root it! Root the box! #1 User.txt Deployed the machine and browsed to the website. Noticed the website was running Fuel CMS version 1.4. While reading theContinue reading “Ignite – TryHackMe Writeup”

Resolute – HackTheBox Walkthrough

Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Resolute machine from Hack The Box (HTB). Resources/Tools Used: nmap smbclient enum4linux Metasploit evil-winrm winPEAS https://medium.com/techzap/dns-admin-privesc-in-active-directory-ad-windows-ecc7ed5a21a2 https://www.abhizer.com/windows-privilege-escalation-dnsadmin-to-domaincontroller/ msfvenom Process Followed: After connecting HTB lab through VPN, started Resolute (10.10.10.169) machine. To check the available services, I scannedContinue reading “Resolute – HackTheBox Walkthrough”

Anonymous – THM Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete Tryhackme.com (THM)’s room Anonymous hacking tasks. Resources/Tools Used: nmap smbclient http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet netcat GTFOBINS (https://gtfobins.github.io/) [Task 1] Pwn Try to get the two flags!  Root the machine and prove your understanding of the fundamentals! This is a virtual machine meant forContinue reading “Anonymous – THM Writeup”

Pickle Rick – THM Writeup

Introduction: The purpose of this writeup is to document the steps I took to complete Tryhackme.com (THM)’s room Pickle Rick hacking tasks. Resources/Tools Used: [Task 1] Pickle Rick This Ricky and Morty themed challenge requires you to exploit a webserver to find three ingredients that will help Rick make his potion to transform himself backContinue reading “Pickle Rick – THM Writeup”

Design a site like this with WordPress.com
Get started