It's all about Linux
Amatersau is an intentionally-vulnerable target on offsec.com’s proving grounds. We practice targeting them for points while connected via a point-to-point VPN link using openvpn. Simply create an account at https://portal.offsec.com/labs/play,…
Hostname: evilbox-one. OS Type: Linux IP Address: 192.168.210.212 Open Ports: 22/80 Usernames: Spotted Vulns: Flag Value: See below Proof Value: See below Interesting: http://192.168.210.212/secret/ – Empty file. Interesting Robots empty…
Rainbow Tables are not merely precomputed databases of hashes and their password equivalents. I’ve seen this in many study resources from EC-Council to Study guides for IT Security certifications and…
1. scanned, found tcp/80 open 2. Found wordpress install 3. Found 3 usernames with wpscan. Was an old ver, could have exploited that. 4. Found hints recommending using cewl to…
Plan A 1. discover http on 80 with drupal 7 2. Metasploit, search for drupal, find unix/webapp/drupal_drupalgeddon2 3. Set options, exploit and we have Meterpreter shell 5. Find flags in…
Some really useful NSE – Nmap Scripting Engine scripts. Keyword search (ctrl+F) to find items related to what you need like smb, nse or even geolocation with IP Addresses and…
Hey,Here’s a quick summarization of the virtual target called Shakabrah on Proving Grounds.If you’re new, apply for an account, get the openvpn pack, run it with #openvpn universal.ovpn and you’ll…
Hey,here’s a fast learner’s guide to conquering DriftingBlues6 on Proving Grounds.Proving Grounds is a fun place to hang out and hack boxes for credit and experience. This particular box falls…
This was fun but there’s a funky rabbit hole involving a QR code image that I’ll include just because it’s interesting and a good academic process 1. Scan to find…
I spent most of 2021-2024 either racing mountain bikes, training to race or hacking virtual machines on Offensive Computing’s Proving Grounds or TryHackMe.com. Here are some random tactics I picked…