Pages

Search

Bandit CTF – Level 12

Level 11–>12 bandit11@bandit:~$ ls -la bandit11@bandit:~$ cat data.txt | tr ‘A-Za-z’ ‘N-ZA-Mn-za-m’ password = 5Te8XXXXXXXXXXXXXXXXXXXXXXXXXXXX

HTB Explore

Rustscan is a fast port scanner that promises to scan all 65k ports in 3 seconds.We can use it to perform a full port scan and with the results, we can use them in combination with Nmap.https://github.com/RustScan/RustScan $ rustscan -a 10.10.10.247 $ sudo nmap -sV -sC 10.10.10.247 -p 2222,42135,42507,59777 In the port scan, we found different open ports.As usually, ssh port is not a common port to start testing so,

HTB Scriptkiddie

$ nmap -A -p- 10.10.10.226 -T4 Open ports 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0) 5000/tcp open http Werkzeug httpd 0.16.1 (Python 3.8.5) Accessing to http://10.10.10.226:5000/ In this site we can observe that nmap and msfvenom are used. $ searchsploit msfvenom From nmap we don’t get too much from searchploit, but from msfvenom we just get 1 result.So it is worth trying. msf6 > search venom

Bandit CTF – Level 11

level 10–>11 bandit10@bandit:~$ ls -la bandit10@bandit:~$ cat data.txt | base64 -d The password is IFukXXXXXXXXXXXXXXXXXXXXXXXXXXXX Password = IFukXXXXXXXXXXXXXXXXXXXXXXXXXXXX

[Solved] Resolv.conf is not updated after an OpenVPN connection

After connecting a VPN on Linux (my case an Ubuntu) that resolv.conf is not updated and you can’t resolve names from that network as expected. After searching a bit I found this website that gave me a solution. You can check in detail here: https://dev.to/setevoy/arch-linux-openvpn–resolvconf-is-not-updated-2470 After connection to the VPN has been performed, we can observe that resolv.conf hasn’t been updated. $ cat /etc/resolv.conf Modify your opvn file and these

Mobile Security Framework (MobSF)

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. https://github.com/MobSF/Mobile-Security-Framework-MobSF MobSF Documentation: https://mobsf.github.io/docs/#/ Linux requirements: Install Git: sudo apt-get install git Install Python 3.8-3.9: sudo apt-get install python3.8 Install JDK 8+: sudo apt-get install openjdk-8-jdk Install the following dependencies:sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf For the

Bandit CTF – Level 10

level 9–>10 bandit9@bandit:~$ ls -la bandit9@bandit:~$ strings data.txt | grep «^=» password = truKXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Bandit CTF – Level 9

level 8–>9 bandit8@bandit:~$ ls -la bandit8@bandit:~$ cat data.txt | sort | uniq -u password = UsvVXXXXXXXXXXXXXXXXXXXXXXXXXX

Bandit CTF – Level 8

level 7–>8 bandit7@bandit:~$ ls -la bandit7@bandit:~$ cat data.txt | grep -s millionth password = cvX2XXXXXXXXXXXXXXXXXXXXXXXXXXXX

HTB Delivery

Add the box to the host file. $ sudo nano /etc/hosts $ nmap delivery.htb -A -p- -T4 Open ports: Site inspection: http://delivery.htb http://delivery.htb/#contact-us http://helpdesk.delivery.htb/index.php http://delivery.htb:8065 As you can create a user into Mattermost server we can start here: http://delivery.htb:8065/should_verify_email?email=user%40rffuste.com We should verify the email, but no email is going to be received.So we need to find a new way. If we focus on Helpdesk site, http://helpdesk.delivery.htb/index.php We can create a