Open in app

Sign In

Write

Sign In

Musyoka Ian
Musyoka Ian

608 Followers

Home

About

Jan 16

Hotel HackMyVm Walkthrough

introduction — Hello guys and welcome back for another walkthrough this time we are going to be tackling a machine from HackMyVm called Hotel a CTF like machine where we gain an initial foothold by exploit a remote code execution vulnerability (RCE) in a web application software called HotelDruid then after getting a shell on the box we find a ttylog file and using ttyplay we are able to read the file and get credential of the user person login into the system via SSH as the person user then exploit a misconfiguration on wkhtmltopdf to get root on the box it’s a really nice challenge and we are going to be doing a little bit of port forwarding using ngrok without much say let jump in

Remote Code Execution

1 min read

Hotel HackMyVm Walkthrough
Hotel HackMyVm Walkthrough
Remote Code Execution

1 min read


Jan 9

Insecure web challenge CTFROOM

introduction — Hello guys and welcome back to my channel this time am going to be taking you through a CTF challenge from CTFROOM called insecure. The challenge show the limitations of using preg_replace() in PHP for match and replace operations and how it can be exploited to cause unintended functionality in a web application. It’s a really simple and fun challenge and without much say lets jump in

Ctf Writeup

1 min read

Insecure web challenge CTFROOM
Insecure web challenge CTFROOM
Ctf Writeup

1 min read


Oct 14, 2022

Surfer TryHackMe walkthrough

introduction — Hello guys back again with another walkthrough this time we are going to be tackling surfer from tryhackme which teaches about server side request forgeries or commonly known as SSRF. We are going to utilize this attack to gain access to internal infrastructure of the system and retrieve the flag…

Ssrf

5 min read

Surfer TryHackMe walkthrough
Surfer TryHackMe walkthrough
Ssrf

5 min read


Oct 1, 2022

Corridor TryHackMe Walkthrough

introduction — Hello guys back again with another walkthough this time we are going to be tackling Corridor from TryHackMe. The box demonstrates an Insecure direct object reference vulnerability but with a bit of twists. The images we are trying to access have been md5 hashed so they look totally random but…

Corridor

5 min read

Corridor TryHackMe Walkthrough
Corridor TryHackMe Walkthrough
Corridor

5 min read


Sep 25, 2022

Bad Timing binary exploitation challenge

introduction — Hello guys back again with another walkthrough. This time am going to be showing how I tackled a binary called bad_timing. It was sent over by a friend who just asked me to analyze and exploit any bug I could find. My initial thought was that I was supposed to…

Prng

7 min read

Bad Timing binary exploitation challenge
Bad Timing binary exploitation challenge
Prng

7 min read


Aug 12, 2022

Hacker vs. Hacker TryHackMe Walkthrough

introduction Hello guys back again with another walkthrough this time we are going to be tackling Hacker vs. Hacker from TryHackMe. The box was rated easy but you could have a hard time if you came in with an attacker’s mindset. After performing a nmap scan you discover that port…

Incident Response

8 min read

Hacker vs. Hacker TryHackMe Walkthrough
Hacker vs. Hacker TryHackMe Walkthrough
Incident Response

8 min read


Aug 5, 2022

Agent T TryHackMe Walkthrough

intoduction — Hello guys back again with another walkthrough this time we are going to be tackling Agent T from TryHackMe. A nice easy box that just needed you to identify the version of PHP running then looking online you discover it has a backdoor that leads to remote code execution then…

Remote Code Execution

3 min read

Agent T TryHackMe Walkthrough
Agent T TryHackMe Walkthrough
Remote Code Execution

3 min read


Jul 8, 2022

Committed TryHackMe walkthrough.

introduction Hello guys back again with another walkthrough of Committed from TryHackMe. The walkthrough will be short this time. We are required to do some forensics on a git repository nothing too fancy but it teaches an important lesson. We first start a machine and download a zip file. Extract…

Committed

3 min read

Committed TryHackMe walkthrough.
Committed TryHackMe walkthrough.
Committed

3 min read


Jul 2, 2022

Annie TryHackMe Walkthrough

Introduction — Hello guys back again with another walkthrough this time we are going to be tackling Annie from tryhackme a really amazing box by TobjasR. The box is rated as a medium but according to my opinion it can be classified as an easy box since it just has two steps…

Anydesk

6 min read

Annie TryHackMe Walkthrough
Annie TryHackMe Walkthrough
Anydesk

6 min read


Jun 12, 2022

Mr. Phisher TryHackMe Walkthrough

Hello guys back again with another walkthrough. My vacation just begun meaning more writeups to be seen in the next few days depending on TryHackMe releases timeline. This time we are going to be tackling Mr. Phisher from TryHackMe. The room consist of a document that is supposed to simulate…

Phishing

5 min read

Mr. Phisher TryHackMe Walkthrough
Mr. Phisher TryHackMe Walkthrough
Phishing

5 min read

Musyoka Ian

Musyoka Ian

608 Followers

Penetration Tester/Analytical Chemist who Loves Cybersecurity. GitHub(https://github.com/musyoka101), ExploitDB(https://www.exploit-db.com/?author=10517)

Following
  • Barack Obama

    Barack Obama

  • Nelly Mutai

    Nelly Mutai

  • Kipkirui Victor

    Kipkirui Victor

  • FoxSin34

    FoxSin34

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech