Ok, ok let’s get into this this Machine was awesome really into this one I was having incredibly crazy trouble with my sql injection but after some researching we can find a tool named joomblah that will take care of this automatically also after attacking WordPress the past boxes this one moves to one called … Continue reading DC-3 Walk-Through
Let us continue people!!, DC2 is here from my DC series this was pretty interesting as we needed more creativity and a little bit of guessing for how to proceed and keep on going with getting a shell, this box is well built as if you keep on moving in the intended path you will … Continue reading DC-2 Walk-Through
Today we will check on the DC series from Vulnhub very great series to begin for Pen testing and to keep a fresh mind for practicing some hacking let’s begin. Started with a arp-scan to find the target box Proceeded with a full port scan and then moved on with a more targeted scan on … Continue reading DC-1 Walk-Through
Another day another box, been somewhat busy with stuff, I really want to be active on my blog but my frequent changing to stuff on what to write, or what to do is killing me sometimes I do some vulnerable boxes or I just move into reading a book ( Web Application Hacker’s Handbook, cough … Continue reading Root-This Walk-through
Let me continue with another post on another awesome and very troll machine from vulnhub it was great at the beginning then all down hill from there incredibly full of rabbit holes and lot’s of creativity to get this one down but still a very laughable one and enjoyable. Start with an nmap scan First … Continue reading Troll Write-Up
Let me start very simple so I kinda wanted to sharpen more my skill in pentesting and decided to do as many vulnhub boxes that I can on my free time, as it seems some of these old school hacks are still very reliable as they still show to appear in the wild so for … Continue reading Goatse Write-Up
So the reason I am calling this a Pentest Challenge is cause it seems that a few people new to the industry don’t understand the fact of computer security seems that the famous ‘iPhone’ is still unbreakable and looks like they still don’t understand that this “hacking” can happen to ANYBODY you do not need … Continue reading Pen-test Challenge
Let me get started that these techniques that I am writing are the most basics one’s out there I am keeping a reminder here that sometimes simplicity works and I don’t need to go the extra mile for an AV Evasion when sometimes I would like to say that 50% of the times nobody updates … Continue reading AV Evasion
OSCP Passed!! Some of my thoughts on this Well after some sleepless nights, poor meals and hard work #TryHarder I am glad to say that I officially passed the OSCP challenge it was a challenge I do say really got me into researching lot’s and I do mean lot’s of enumeration that is the of … Continue reading OSCP Review (Another one…)
I’ve been busy lately with new attack tools, hackthebox, practical pen-test and pen-tester academy (Wow whats wrong with me) but I have been working on me OSWP (Offensive Security Wireless Professional) So without many spoilers I will mention that this test is amazing the course gets really into detail with wireless attacks (outdated, but who … Continue reading OSWP Thoughts
Finally after some hard work I managed to understand and create my first buffer overflow it has been amazing and really worth the learning of course some people might say that this is really to old school as there are different and more techniques to create and detect buffer overflows but sometimes the basic is … Continue reading Buffer Overflows (Free-float FTP)
So lets say you have a shell on a machine that you gain access to over WAN (not LAN totally two different things) you’ve gain root but now you are interested in checking out the local network of your target this is were Port Redirection comes in handy Tools will use: Metasploit Nmap Proxychains … Continue reading Dynamic Port Redirection (Meterpreter)
