Enumeration Start with nmap enumeration $ nmap -sC -sV -oN nmap-initial 10.10.10.234 Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-08 18:00 CEST Nmap scan report for 10.10.10.234 Host is up...
Hack The Box - Knife writeup
In this post we explore the Knife machine hosted on the HackTheBox website. We first scan the machine to enumerate the open ports and the respective running services. Analyze and Discovery We sta...
Hack The Box - Love writeup
Start with usual nmap enumeration $ nmap -sC -sV -oN nmap-initial 10.10.10.239 Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-25 17:42 CEST Nmap scan report for 10.10.10.239 Host is up (0.013s...
Hack The Box - Armageddon writeup
Start with usual nmap enumeration >> nmap -sV -sC -oN nmap-initial 10.10.10.233 PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 82:c6:bb...
Hack The Box - TheNotebook writeup
Foothold We start with usual nmap enumeration $ nmap -sC -sV -oN nmap-initial 10.10.10.230 Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-29 21:53 CEST Nmap scan report for 10.10.10.230 Host i...
Hacker101 - Micro-CMS-v2
The website contains 3 flags; we need to find them all. Landing page is: Seems like they fixed the vulnerabilities of the previous Micro-CMS v1 challenge. Writeup here Flag 0 - SQL i...
Hacker101 - Micro-CMS v1 writeup
There are 4 flags (= at least 4 vulnerabilities) in this website. We need to hunt them all. The landing page is: We can create our own page using Markdown. Flag 1 - Stored XSS on Title A...
PortSwigger Labs - Business logic - Missing validation of negative quantities
Description Link: https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-high-level Writeup We move through the website while recording the HTTP traffic using Burp. When...
PortSwigger Labs - Business Logic - Excessive trust in client side controls
Description Link: https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-excessive-trust-in-client-side-controls Writeup The goal of the challenge is to buy a Lightweight l3...
PortSwigger Labs - XXE to SSRF to exfiltrate EC2 instance metadata
Description Link: https://portswigger.net/web-security/xxe/lab-exploiting-xxe-to-perform-ssrf Writeup We can modify the XML sent to the server in the check stock feature and see what happe...