This week I am working on the Windows Events room by Tryhackme. Per Wikipedia, “Event logs record events taking place in the execution of a system to provide an audit trail that can be used to understand the activity of the system and to diagnose problems. They are essential to Read more
“Burp Suite is a framework of web application pentesting tools, it is widely regarded as the de facto tool to use when performing web app testing.” Source: https://tryhackme.com/room/rpburpsuite I am using the “Burp Suite” room from TryHackme to build this resource. Burp Suite is pre-installed on Kali Linux, if you’ll Read more
https://tryhackme.com/path/outline/presecurity TryHackMe.com has an awesome new Learning Path that can take you from curious to ready-to-learn specialized cybersecurity content. The Pre Security learning path will easily make you familiar with the basics including Network Fundamentals, How the Web Works, Linux Fundaments, and Windows Fundamentals! The combination of networking, web, and Read more
oday I am working on the Gotta Catch’em All challenge from TryHackMe.com. Getting help from: https://medium.com/@aritrachakraborty_74303/gotta-catchem-all-a-writeup-for-ctf-style-thm-box-but-with-generic-techniques-904dc58e3890 I got the IP address of the box and started with an Nmap scan: Next, I wanted to see what was open on port 80. I noticed the http-title was “Can You Find Them All?”. Read more
Today I am working on the Vulnversity challenge from tryhackme.com I start with an nmap scan with the service version flag against the host: nmap -sV hostipaddress TryHackMe had a great nmap reference table so I pasted it below: I found a web server on port 3333 and started to Read more
Today I am working on the Mr Robot CTF from tryhackme.com. I am using the video from DarkSec to help with parts. I start with an nmap scan against the host to see what ports are open I can see port 80 and 443 are open, these ports are used Read more
This post will show how easy it is to get a system level command prompt with a standard user account using the CVE-2019-1388 vulnerability. This is demonstrated by working on the Blaster room by TryHackMe. This challenge highlights the CVE-2019-1388 vulnerability. The standard user will run an executable that required Read more
Today I am working on the Weak RSA challenge from hackthebox. The goal is to solve the challenge and find the flag. After downloading the file and unzipping it, I found two files, key.pub and flag.enc. I did a cat command to read both files: Looks like we have a Read more
Today I am working on the Blue challenge from hackthebox. The goal is to hack the computer and get system level privileges. I start with an nmap scan against the host IP: It looks like a Windows 7 box with Service Pack 1, the name of this challenge is Blue Read more
Today I am working on the Templed challenge from hackthebox, the goal is to solve the challenge and find the flag. I downloaded the file and unzipped it with the password “hackthebox”. The file was the .png image below: I did a google image search for the word “ciphers” and Read more