J3bitok (jebitok.hashnode.dev) · Nov 11, 2024 · Cyber Defense Frameworks: Unified Kill Chain (TryHackMe) · In this article, I will write a Unified Kill Chain write-up: The Basics that covers What is a “Kill Chain”, What is “Threat Modelling”, Introducing the Unified Kill Chain, Phase: In (Initial Foothold), Phase: Through (Network Propagation), Phase: Out... · #CyberDefense
Pradip Bhattarai (prdp1137.hashnode.dev) · Nov 11, 2024 · 4T$ CTF Writeup: Homelab ? More like Pwnlab ! · In this Capture The Flag (CTF) challenge, we were given access to two main targets: an SSH server running on a GoTTY shell and a NAS interface that allowed file uploads. My initial analysis revealed two key pieces of information. First, the SSH serve... · CTF
Pradip Bhattarai (prdp1137.hashnode.dev) · Nov 11, 2024 · 4T$ CTF Writeup: KittyKittyBank · The KittyKittyBank contract was written in Solidity, which allows users to send and withdraw ether (ETH) from the contract. In this blog post, I am providing a deep-dive into the details of the issue, and how it was exploited. Contract Overview Let's... · CTF
Prashanth Bodepu (0xpb.hashnode.dev) · Nov 5, 2024 · Leek NFT challenge#0223 — Intigriti · Challenge Overview Challenge Link: https://challenge-0223.intigriti.io/ Challenge By: @x64pr0fessor This challenge demonstrates a potential Cross-Site Scripting (XSS) vulnerability by allowing image uploads with unvalidated metadata, which an att... · monthlychallenge
Ron Twist (twisted007.hashnode.dev) · Nov 2, 2024 · HackTheBox: PermX · Introduction PermX is a cool Easy level machine from HackTheBox. Key points include fingerprinting the website framework in use, identifying an applicable RCE exploit, moving laterally to a user level, then escalating to root by abusing the user’s su... · HackTheBox Writeups · #HackTheBox
REHAN SAYYED (dignitas.hashnode.dev) · Nov 2, 2024 · Code Analysis · Introduction Upon accessing the MU-TH-UR6000 computer, AKA Mother, you will see the Mother UI server. However, since you only have a "Crew" Member level role, you only have read access to limited resources. But there are other ways to access it. Can ... · Devsecops · #cybersecurity
elc4br4 (elc4br4.hashnode.dev) · Oct 31, 2024 · Ramnit Lab - Cyberdefenders · https://cyberdefenders.org/blueteam-ctf-challenges/ramnit/ ☢ To solve this lab I will use the volatility3 tool. # Clone the repository git clone https://github.com/volatilityfoundation/volatility3 # Install the requirements... · Cyberdefenders💎 · cyberdefenders
elc4br4 (elc4br4.hashnode.dev) · Oct 30, 2024 · GoodGames - HackTheBox · 🕹️In this easy-level Linux machine we will touch on a bit of SQL through sqlmap, exploit an SSTI vulnerability and escalate privileges through the bash binary by playing with its permissions from Docker and an SSH shell🎮. Reconoc... · HackTheBox🦎 · CTF Writeup
kurtnettle (kurtnettle.hashnode.dev) · Oct 25, 2024 · NetCat - 2 - NRF24CTF · Problem Statement What Is The Flag Mentioned In The Source Code? Prerequisites Wireshark (basic use of filters) Solution The challenge statement is a straightforward problem. We need to find the flag in the packet bytes as it will be in the packet... · EWU NRF24 CTF (Online Preliminary Round) · CTF Writeup
kurtnettle (kurtnettle.hashnode.dev) · Oct 25, 2024 · NetCat - 1 - NRF24CTF · Problem Statement One Of My Student Cheating On Pentest Exam, He Didn't Know But I Can See!! Can You See? Flag Format For All Questions: EWU{some_text} 0xRobiul Identify Lab & Attackbox! Example: EWU{ServerIP_AttackerIP} blogger.pcapng Prerequi... · EWU NRF24 CTF (Online Preliminary Round) · nrf24ctf-preli