Home

Room Link Task 1 : Pwn Enumerate the machine. How many ports are open? 4 Normal scan shows only 2 ports open but it was wrong. So I scanned all the ports and it took 20 minutes. What service is running on port 21? ftp What service is running on ports 139 and 445? smb There’s...

Room Link How many services are running under port 1000? 2 the required ports are 80 and 21 For some reason nmap shows the port 80 closed, so the answer should be 1 but it turned out to be wrong. Therefore I performed an aggressive scan and found that port 80 service was also active. What is running on th...

Room Link Task 1 : Living up to the title. Find open ports on the machine Who wrote the task list? lin What service can you bruteforce with the text file found? ssh Now do that bruteforce using hydra What is the users password? Now login into ssh using the credentials obtained...

Incase you are wondering why my ssh prompt is coloured, I just uncommented force_color_prompt=yes in .bashrc in the home directory of the user # uncomment for a colored prompt, if the terminal has the capability; turned # off by default to not distract the user: the focus in a terminal window # should be on the output of commands, not on the pr...

Room Link Hydra has the ability to bruteforce the following protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNT...

Room : https://tryhackme.com/room/ccpentesting Task 16 - [Section 5 - SQL Injection]: sqlmap These questions can be answered from the help page sqlmap -h How do you specify which url to check? -u What about which google dork to use? -g How do you select(lol) which parameter to use?(Example: in the url http://ex.com?test=1 the parameter...

Room Link Task 1 : Introduction nice stuff :) Task 2 : Example Research Question In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)? repeater What hash format are modern Windows login passwords stored in? ntlm...

challenge : https://crackmes.one/crackme/5ed3cd9a33c5d449d91ae6b1 official writeup : guessmeoriginal my writeup First did the standard file command and changed the execution permission chmod +x guessme When executed it asks for a guess, which you have to find to get the secret message. so I disassembelled it using ghidra the decompiled ...