Haystack – hackthebox.eu walkthrough

This is a walkthrough on the machine called Haystack on hackthebox.eu, which most users found frustrating and/or annoying. Personally I would describe it more as a kind of annoying box, and although rated as easy my personal opinion is at least the Privilege Escalation part should be falling a bit more into the intermediate category. cat >> /etc/hosts <<<“10.10.10.115 haystack.htb”
Continue reading “Haystack – hackthebox.eu walkthrough”

OSCP – the road from failing to 105

Introduction to my OSCP Journey

Although this post is mentioned to be an overall overview and resource on how to prepare for OSCP, it is kind of targeted to those who didn’t manage to pass on their first attempt. As I am one of those guys too, and that made me make the necessary adjustments in my learning process. There are tons of reviews on OSCP regarding someone getting the certification after their first exam, and I am not one of them. Yes, I failed it. And do I regret it? Hell no. I dedicated to it and learned tons of stuff since my first exam attempt, and this post will be pointed towards those who failed their OSCP exam attempts and what to stress on when preparing how to successfully achieve the requirements for the OSCP certification.
Continue reading “OSCP – the road from failing to 105”

DNS Cache Posionning and things to remember

As I stumbled on several occasions where DNS Cache Poisoning is properly done but not working out as expected I’m writing the present short article as a reminder for anyone wondering why DNS Cache Poisoning is not working (and for my own reference as well, it’s always great to keep a jewelry box with some small details that could sink a great ship). Continue reading “DNS Cache Posionning and things to remember”

md5 collisions and the way php interprets types (php hash collisions)

As I was recently working on the Homeless vulnhub CTF by Min Ko Ko, one of steps required to proceed further contained the following code: Continue reading “md5 collisions and the way php interprets types (php hash collisions)”