HTB: Networked walkthrough

“Networked” Info Card

Slight hint(s): Unrestricted file upload, bypass image upload restriction, bypass mimetype restriction
Slight hint(s) (PE): shell command injection, unescaped variable command injection
Continue reading

Haystack – hackthebox.eu walkthrough

This is a walkthrough on the machine called Haystack on hackthebox.eu, which most users found frustrating and/or annoying. Personally I would describe it more as a kind of annoying box, and although rated as easy my personal opinion is at least the Privilege Escalation part should be falling a bit more into the intermediate category. cat >> /etc/hosts <<<“10.10.10.115 haystack.htb”
Continue reading

CTF: Gemini Inc 2 walkthrough

VM: Gemini Inc: 2
Author: 9emin1 (vulnhub) @sec_9emin1 (twitter)
Series: Gemini Inc
Difficulty: Intermediate
Privilege Escalation: Intermediate*
Target IP: 172.16.253.129
Slight hint(s): Bypass WAF, redis Continue reading

CTF: Jarbas 1 – vulnhub CTF walkthrough

VM: Jarbas 1
Author: Tiago Tavares (vulnhub) @tiagotvrs (twitter)
Series: Jarbas
Difficulty: Beginner/Intermediate
Privilege Escalation: Beginner/Intermediate*
Target IP: 192.168.1.112
This is a walkthrough on the CTF called Jarbas uploaded to vulnhub. *I’m not sure whether this is to be classified as Intermediate or beginner but it has its own twist on the way of getting a shell due to the lack of nc on the target (probably it’s a bit more into the beginner category).
Continue reading

CTF: Pinky’s Palace v2 (HARD) – vulnhub CTF walkthrough

VM: Pinky’s Palace v2
Author: Pink_Panther (vulnhub) @Pink_P4nther (twitter)
Series: Pinky’s Palace
Difficulty: Beginner/Intermediate
Privilege Escalation: Intermediate/Highly Advanced*
Target IP: 10.0.0.5
Target host: pinkydb

* requires reverse engineering techniques to escalate privileges Continue reading

CTF: Bob 1 – vulnhub CTF walkthrough

VM: https://www.vulnhub.com/entry/bob-1,226/
Author: c0rruptedb1t
Difficulty: Beginner/Intermediate
Privilege Escalation: Intermediate
Continue reading

CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part II)

Part I: Brainpan 1 CTF walkthrough – Introduction to exploit development

Phase #5: Getting a stable shell

As it can be seen from the screenshot, an unexpected event has happened – we are actually provided a windows prompt, however the overall file structure seems to be linux-like: Continue reading

CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part I)

VM: https://www.vulnhub.com/entry/brainpan-1,51/
Difficulty: Beginner/Intermediate
IP: 172.16.253.130 (arp-scan -I vmnet1 –localnet) If you were looking either for a walkthrough on the Brainpan 1 vulnhub CTF or for a tutorial/article to serve as an Introduction to exploit development you clicked on the right link.
Continue reading

CTF: Homeless – vulnhub CTF walkthrough – keep Trying Harder!

This is a walkthrough on the CTF written by Min Ko Ko (Creatigon, l33twebhacker) and posted on vulnhub on 6 Dec 2017

Target: 10.1.13.37 Like the author states, This challenge is not for beginners. It requires advanced knowledge in several fields which a beginner would not be able to solve unless thorough research is done. Initial hint: The user agent that needs to be set is included on the front page, but you would not be able to see it in plaintext. Continue reading

CTF: zico2 walkthrough

This is a walkthrough on the vulnhub zico2 CTF by Rafael Target IP: 192.168.56.105* Continue reading