And we made it people the last box of the series man what a ride learned a bunch with wordpress and other CMS, custom word-lists, enumeration and Burp awesome journey and was great to be part of this, this box was some work into it it all goes with experience but let’s move on with this one first after finding the boxes IP we notice that it only has 2 ports open so our enumeration, will be quick once looking into the webserver and visiting we can see that it resolves into a DNS where we will need to add … Continue reading DC-6 Walk-Through

Another day!!, another box today I am working on DC-5 and it was great learned some awesome attacks and something so simple as “When All You Can Do Is Read” pretty informative give this one a google search, to sum this up it’s just, what would we do when all we can do is read on a box? When we can’t list directories but we can call the famous “/etc/passwd” you do this one because it’s always called on CTF but when you are working on an assessment and you can’t list well you start calling file’s that you know … Continue reading DC-5 Walk-Through

Uuuff Today got DC-4 done and some other stuff this awesome box is a little more work started with enumerating just 2 ports where ssh and HTTP are shown then we see a simple web-login page, that has no security such as not blocking even once the many login attempts that have been done, once logged in we can use the commands shown by intercepting the request with Burp and Tampering it so we can use this to get Code Execution, when this is done we will get a shell and we will need to escalate privileges twice and from … Continue reading DC-4 Walk-Through

Ok, ok let’s get into this this Machine was awesome really into this one I was having incredibly crazy trouble with my sql injection but after some researching we can find a tool named joomblah that will take care of this automatically also after attacking WordPress the past boxes this one moves to one called joomla really great and more on SQL Injections this time I used a few Linux Enumeration Scripts for my privilege escalation part and proceeded to guide myself with it to find a local root exploit to manage a root shell, let’s get started. We will … Continue reading DC-3 Walk-Through

Let us continue people!!, DC2 is here from my DC series this was pretty interesting as we needed more creativity and a little bit of guessing for how to proceed and keep on going with getting a shell, this box is well built as if you keep on moving in the intended path you will continue to receive the proper hint’s to getting a root shell on this box a few tools used for this machine was very well known was such as: Nmap, Wpscan, Cewl, Ncat, and some attacks like brute-forcing, let’s start. Started with arp-scan to find the … Continue reading DC-2 Walk-Through

Today we will check on the DC series from Vulnhub very great series to begin for Pen testing and to keep a fresh mind for practicing some hacking let’s begin. Started with a arp-scan to find the target box Proceeded with a full port scan and then moved on with a more targeted scan on any open ports found Nikto scan come’s back with many false positives but by visiting port 80 we can filter the results to match the CMS we have encountered previously After a few day’s [JK] results are back from our droopescan By enumerating with searchsploit … Continue reading DC-1 Walk-Through