Introduction

Hello guys, back again with another walkthrough. This time we are going to be tackling the Couch box from TryHackMe. The box was a simple yet amazing one, thanks to its creator, stuxnet. The box starts off with us doing a port scan and finding out that the box has a CouchDB service exposed. Looking at the version, we see that it’s vulnerable to remote code execution. We exploit the vulnerability and get a shell on the box. That’s one way of getting a shell on the box. The second way is by looking through the database…


Introduction

Hello guys, back again with another walkthrough. This time we will be tackling the big-blind challenge from HSCTF. In my opinion the challenge was a bit technical, but nothing hard if you took a good look at it. I am actually part of a Kenyan team, and I was asked by one of the members to try out this challenge since it was a blind SQL injection, so I decided to try it that evening after work. I exploited the challenge and leaked the password, which turned out to be the flag for the challenge.

The challenge had dynamic…


Introduction

Hello guys, back again with another walkthrough, this time on the box That’s The Ticket from TryHackMe. A really nice box that teaches the importance of understanding the ins and outs of how a vulnerability can be exploited, rather than just using payloads without understanding how exactly the vulnerability occurred and why exactly the payload used works. We’ll go into a bit of JavaScript coding, nothing too complex, and then later on create a Python login page brute-forcer script. It was a really amazing box, and without much say let’s jump in.

As always we are going to start with…


Introduction

Hello guys, back again with another walkthrough. This time we’ll be tackling VulnNet: Roasted from TryHackMe. Another amazing box from TheCyb3rW0lf. This box is purely an Active Directory box, which makes it so phenomenal. We start off by finding a bunch of usernames from an SMB share, mutating them a bit and trying to perform a user enumeration attack using kerbrute (which takes advantage of Kerberos), but it failed. We’ll later learn why, but then using lookupsids, a really amazing script from Impacket, we perform a RID brute force attack and get a bunch of usernames from the server. Then perform an…


Introduction

Hello guys, back again with another walkthrough. This time I am going to be introducing SQL injections, and we are going to be solving a capture the flag challenge both automatically (using SQLMap) and manually using Burp Suite. A SQL injection vulnerability occurs when unsanitized user-controlled input is passed to a database through a query. This allows a user or an attacker to run raw SQL commands on a database. Through research done in the past, SQL injections have led to dumping of databases, which in turn leads to data breaches of all information from the database. It…


Hello guys, back again with another walkthrough. This time we’ll be tackling VulnNet: dotjar from TryHackMe. Yet another amazing box from TheCyb3rW0lf. I really loved the box, and it starts off with us finding a Tomcat web application that is vulnerable to the Ghostcat vulnerability, a vulnerability that we’ve exploited before in a room called tomghost, which is also on TryHackMe. We use the vulnerability to leak some credentials, which we then use to upload a malicious WAR file that gives us remote code execution on the box. Next we find that the shadow backup file is world readable…


Web Challenges

Hello guys, back again with another walkthrough. This time we’ll be tackling the Cyber Apocalypse 2021 capture the flag hosted by HackTheBox. Since I am part of a team, this time I decided to do web challenges and I had a couple of solves. I also learned some important lessons that I would like to share. Without much say, let’s jump in.

Caas

Caas is a web challenge that starts off with a user providing a host, and the web application does a health check of some sort using curl.


Introduction

Hello guys, back again with another walkthrough. This time we’ll be doing Classic Passwd from TryHackMe. I am really not great at reverse engineering, but from learning buffer overflows I know my way around binary exploitation and some bit of reversing binaries to identify vulnerabilities, and that’s what this walkthrough will be all about. …


Introduction

Hello guys, back again with another walkthrough. This time we’ll be tackling VulnNet: Node from TryHackMe. The room was rated easy and I totally agree with the rating, and what made me love the room even more was that it was as real world as possible. You start off by finding a web server running the Node.js Express framework; you find it assigns you a cookie, and the cookie is utilized somehow by the web server. Messing with the cookie, you realize that the cookie is unserialized by the web application, and being a penetration tester I’ve come across Node.js deserialization…


Hello guys, I am back again with another walkthrough from TryHackMe. This time we are going to be handling VulnNet. The room was released yesterday; I did it and finished it, but I’ve been on the road for the past three days so releasing a room was kinda hard, but better late than never. The room was rated medium, but again I believe if you have a solid foundation in pentesting it’s actually an easy box. The box starts off with us discovering that the box has virtual host routing enabled, meaning as a user we shall be routed to…

Musyoka Ian

Penetration Tester/Analytical Chemist who loves cybersecurity. GitHub (https://github.com/musyoka101), ExploitDB (https://www.exploit-db.com/?author=10517)
