Natanblog.triplen.tech·Mar 25, 2024HTB - OOPArtDB Writeup\x00 - TLDR; To solve this web challenge I chained the following vulnerabilities:1. Using SSRF with DNSReinding attack in order to extract info from internal API.2. Perform CSRF attack using secret token to register user to the application.3. Using ...Discuss·138 readsHTB Challengeshtb
Mauro CarrilloforAgrawain - Write Upsagrawain-writeups.hashnode.dev·Mar 12, 2024Write up | Access - Maquina Retirada# Nmap 7.94SVN scan initiated Mon Mar 11 22:20:35 2024 as: nmap -p- -sS -vvv --open --min-rate 5000 -Pn -n -oG allports 10.129.216.226 # Ports scanned: TCP(65535;1-65535) UDP(0;) SCTP(0;) PROTOCOLS(0;) Host: 10.129.216.226 () Status: Up Host: 10.1...Discusshtb
Mauro CarrilloforAgrawain - Write Upsagrawain-writeups.hashnode.dev·Mar 10, 2024Write up | Napper - Maquina Activa | Savage Lands Season 4Starting Nmap 7.94 ( https://nmap.org ) at 2023-11-13 13:28 CST Nmap scan report for 10.10.11.240 Host is up (0.079s latency). Not shown: 998 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 80/tcp open http Microsoft IIS httpd 1...Discusshtb
Terminal Intelligence Securityterminalintelligencesecurity.hashnode.dev·Mar 10, 2024Perfection HTB WriteupDuring enumeration, it was noticed that Input validation bypass refers to exploiting weaknesses in an application’s validation checks to submit malicious data that bypasses intended restrictions. Attackers use techniques like filter evasion, context ...Discuss·480 readsPerfection-walkthrough,
Joao Paulo Guedesth3g3ntl3m4n.hashnode.dev·Jan 25, 2024Seal - Hack The BoxReconnaissance First, we start with a full port scan to verify all possible open ports. ─[us-dedivip-1]─[10.10.16.200]─[jpfguedes@htb]─[~/htb/Seal] └──╼ [★]$ sudo nmap -v -sS -Pn -p- 10.10.10.250 PORT STATE SERVICE 22/tcp open ssh 443/tcp op...Discuss·71 readsoffensivesecurity
1NF1N17YXcyberpulsesecurity.hashnode.dev·Dec 31, 2023HackTheBox -TopologyEnumeration: sudo nmap -sS -sV -sC -T4 --min-rate 5000 10.10.11.217 -vv Scanning topology.htb (10.10.11.217) [1000 ports] Discovered open port 22/tcp on 10.10.11.217 Discovered open port 80/tcp on 10.10.11.217 Completed SYN Stealth Scan at 18:40, 0.4...DiscussHackTheBoxCTF
1NF1N17YXcyberpulsesecurity.hashnode.dev·Dec 10, 2023HackTheBox - PCEnumeration First thing we are going to gather information about the target system PC that has been assigned an IP address of 10.10.11.214 using Nmap. I like to use -vv option to learn about the ports while Nmap scans the target system. sudo nmap -sV...DiscussHackTheBoxhtb
Pradip Deyp3ntesterinstanc3.hashnode.dev·Dec 4, 2023Manager HTB Writeup / WalkthroughThe “Manager” machine is created by Geiseric. This is a medium HTB machine with a strong focus on Active Directory Exploitation. So, let’s start……….. Enumeration Add ip to /etc/hosts file as : 10.10.11.236 manager.htb Using Nmap nmap -sC -sV -O ...Discuss·1 like·309 readscertipy
gokupwngoku.pw·Nov 4, 2023Pilgrimage - Linux Easy MachineTL;DR: Through directory brute force, I discovered an exposed .git directory, which allowed me to access the web application's source code and a binary file named 'magick.' After conducting static analysis on this binary, I found that it was from the...Discuss·48 readshtb
Aayush Agrawalnakli-security.hashnode.dev·Oct 27, 2023CozyHosting | HTB Writeup | Aayush AgrawalEstablishing the VPN Connection Download the VPN connection file from HTB, after selecting the desired server (make sure no machines are active on your account at this point). I use OpenVPN so in the terminal type the command, openvpn <address_for_th...Discuss·114 reads#HackTheBox