THM Internal

This was an amazing challenge! I learned a few new tricks, so I thought about documenting it here real quick. It all started with a WordPress site.... Easy bruteforce with wpscan:

wpscan --url http://10.10.40.183/wordpress/ -U wp_users.txt -P /usr/share/wordlists/rockyou.txt

Lucky weeee. We got the admin password. First thing to do is insert a reverse shell...

Exposing services with reverse SSH tunnels

Reverse SSH port forwarding specifies that the given port on the remote server host is to be forwarded to the given host and port on the local side. -L is a local tunnel (YOU <-- CLIENT). If a site was blocked, you can forward the traffic to a server...

Reverse engineer Android native apps with Frida and ADB

If you have an Android native app with dynamically rendered content, reverse engineering can be tough. That's why we can use Frida and ADB. So what is Frida, exactly? User Guide It’s Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript...

Volatility dump startup items from registry

I came across a forensics CTF challenge where they mentioned something about a weird window popping up at startup. It was kinda clear that there must be a scheduled task. Here we go:

vol.py -f file.raw --profile=Win7SP1x86_23418 printkey -K "Software\Microsoft\Windows\CurrentVersion\Run"

PicoCTF It is my Birthday

It is my Birthday (100 points) SOLVED xNULL

I sent out 2 invitations to all of my friends for my birthday! I'll know if they get stolen because the two invites look similar, and they even have the same md5 hash, but they are slightly different! You wouldn't believe how long it took me to...

Slithery CSAW CTF Quals 2020

This is an easy pwn challenge from the CSAW 2020 quals called Slithery.

Setting up a new coding environment for my data science students. Some of them are l33t h4ck3rs that got RCE and crashed my machine a few times :(. Can you help test this before I use it for my class? Two sandboxes...