oday I am working on the Gotta Catch’em All challenge from TryHackMe.com. Getting help from: https://medium.com/@aritrachakraborty_74303/gotta-catchem-all-a-writeup-for-ctf-style-thm-box-but-with-generic-techniques-904dc58e3890 I got the IP address of the box and started with an Nmap scan: Next, I wanted to see what was open on port 80. I noticed the http-title was “Can You Find Them All?”. Read more
Today I am working on the Vulnversity challenge from tryhackme.com I start with an nmap scan with the service version flag against the host: nmap -sV hostipaddress TryHackMe had a great nmap reference table so I pasted it below: I found a web server on port 3333 and started to Read more
Today I am working on the Mr Robot CTF from tryhackme.com. I am using the video from DarkSec to help with parts. I start with an nmap scan against the host to see what ports are open I can see port 80 and 443 are open, these ports are used Read more
This post will show how easy it is to get a system level command prompt with a standard user account using the CVE-2019-1388 vulnerability. This is demonstrated by working on the Blaster room by TryHackMe. This challenge highlights the CVE-2019-1388 vulnerability. The standard user will run an executable that required Read more
Today I am working on the Weak RSA challenge from hackthebox. The goal is to solve the challenge and find the flag. After downloading the file and unzipping it, I found two files, key.pub and flag.enc. I did a cat command to read both files: Looks like we have a Read more
Today I am working on the Blue challenge from hackthebox. The goal is to hack the computer and get system level privileges. I start with an nmap scan against the host IP: It looks like a Windows 7 box with Service Pack 1, the name of this challenge is Blue Read more
Today I am working on the Templed challenge from hackthebox, the goal is to solve the challenge and find the flag. I downloaded the file and unzipped it with the password “hackthebox”. The file was the .png image below: I did a google image search for the word “ciphers” and Read more
This is a writeup for Hackthebox Lame, this is my first HTB writeup. Started with an nmap scan against the target: 10.10.10.3 The nmap scan results are below A exploit was found for Samba 3.0.20-Debian in the nmap Host script results Running the exploit in Metasploit opened a shell with Read more