Being Anonymous on the Internet is possible
So, sometimes you want to be anonymous on the open internet for some reason. Here are a few steps which can help (But may or may not be a perfect…
How the TCP stack handles TCP Connection Attempts during a Syn Flood
When a system receives a TCP SYN packet, the TCP stack uses a process called Half-Open Connection or Full-Open Connections slots. There are limited number of Half-open connections and it’s…
Technical Analysis of FunBoxEasyEnum from OSCP Proving Grounds
Offensive Security maintains virtual machines virtual machines you can VPN remote into and start attacking. It‘s free to sign up to play but you get kicked off after 2 hours.…
For the Impatient: Walkthrough of CyberSploit on Offensive Computing’s proving ground
1. nmap to find only tcp/22 and 80 open. 2. Robots.txt has a base64-encoded string that decodes to a url string. It’s a password. 3. Find the username in the…
Fast learner walk through for Geisha from Vulnhub
Howdy, For the impatient, here’s a quick summary of breaking into the Vulnhub box “Geisha” sudo nmap -p- 1.2.3.4 The password ‘letmein‘ is revealed (no quotes). SSH into the
For the Impatient: A walkthrough for Born2root on Vulnhub from Offensive Security’s site
nmap scan reveals open ports while dirb found hidden URLs, one called http://192.168.153.49/icons/ with a text file called VDSoyuAXiO.txt (A private key) Cool. Private key. ssh with it. Found usernames…
Fast learner’s guide to SunsetDecoy on Offensive Security’s Proving Ground site
Log in here with a Kali linux box: https://portal.offensive-security.com/proving-grounds/play Get a free VPN set of credentials and connect. Click to start the target box called SunsetDecoy and do these steps:…
FLaG (Fast LeArner’s Guide) to HAWordy from Vulnhub (OSCP Proving Grounds)
As always, nmap scan reveals only TCP/80 open with new apache install page displayed dirb (or gobuster) reveals subdirectory called wordpress. Easy! wpscan –url http://192.168.53.23/wordpress –enumerate p (Enumerate plugins to…
Walkthrough of Vulnhub’s “Monitoring” Machine as hosted on Offensive Security’s Proving Grounds
Get a Kali Linux box, https://www.kali.org/get-kali/ and go to Offensive Security’s Proving Grounds here:https://portal.offensive-security.com/proving-grounds/play Get a free VPN account and try to hack the boxes there. You can get Kali…
For the Impatient: Walk Through of Offensive Security FunBoxEasy VM
This is a fun box! Nmap to find TCP/22, 80 and 33060 open. Use gobuster to uncover hidden directories and look for http://192.168.120.224/admin (or whatever IP you’re targeting.) You’ll find…