ColdBoxEasy walkthrough
This walkthrough is for the box ColdBoxEasy on Proving Grounds at: https://portal.offsec.com/labs/play Basically, start your VPN connection, start the box on Proving Grounds and start targeting it. Synopsis: – Nmap,…
What are revshells anyhow?
Well, I’ll tell you. Have a look here: When we’re hacking a box legally (e.g., with written permission) and we’re able to upload a script that phones home back to…
A walkthrough of hacking the box “Dawn” on OffSec’s ProvingGrounds
Hiya. It’s a rainy weekend and my favorite mtn biking trails are wet so I’m staying in to hack boxes all weekend. Today’s is Dawn on Proving Grounds. Proving Grounds…
Rainy day to hack BBSCute on Proving Grounds
This walkthrough is for the box BBScute on Offsec’s Proving Grounds It’s a rainy, cold day so I’m staying in to hack a box. – Nmap scan, found 22, 80,…
Meterpreter commands sheet
Hey. I wasn’t finding very good online documentation for meterpreter so I just dumped the help output from a meterpreter shell. So many sweet tools to use on a target…
Walkthrough for Amaterasu on Offsec.com’s proving grounds
Amatersau is an intentionally-vulnerable target on offsec.com’s proving grounds. We practice targeting them for points while connected via a point-to-point VPN link using openvpn. Simply create an account at https://portal.offsec.com/labs/play,…
Fast learner’s walkthrough for evilbox-one on Proving Grounds
Hostname: evilbox-one. OS Type: Linux IP Address: 192.168.210.212 Open Ports: 22/80 Usernames: Spotted Vulns: Flag Value: See below Proof Value: See below Interesting: http://192.168.210.212/secret/ – Empty file. Interesting Robots empty…
Rainbow Tables are not merely pre-computed databases of hashes and their password equivalents
Rainbow Tables are not merely precomputed databases of hashes and their password equivalents. I’ve seen this in many study resources from EC-Council to Study guides for IT Security certifications and…
Fast learner’s guide to dc-2 on OffSec Proving Grounds
1. scanned, found tcp/80 open 2. Found wordpress install 3. Found 3 usernames with wpscan. Was an old ver, could have exploited that. 4. Found hints recommending using cewl to…
Impatient person’s walkthrough for vulnhub’s DC-1
Plan A 1. discover http on 80 with drupal 7 2. Metasploit, search for drupal, find unix/webapp/drupal_drupalgeddon2 3. Set options, exploit and we have Meterpreter shell 5. Find flags in…