Timing was a medium rated linux machine which involved fuzzing for files and finding LFI leading us to viewing source code of the application and logging into the admin panel by modifying the role parameter which had a functionality to upload image files only which can be easily by passed…

Adminertoo was a hard rated linux box which involved exploiting SSRF adminer database giving us the ability to do local file read, through that we were able to identify OpenTSDB giving us remote code execution as opentsdb , looking at the database configuration for adminer we were able to find…

Pandora was an easy rated linux machine, starting the box with an nmap scan, there was a web server hosting a template web page, nothing really was of interest on the site, after scanning UDP ports, SNMP service running which reavled a script being ran along with username password being…

In this post I will be sharing my writeup for THM-Brainpan machine which was a hard rated linux machine which was running a windows exe vulnerable to buffer overflow and was running a custom binary which we had rights to execute with no password as a root user. NMAP Nmap scan…

Vulnserver is a 32 bit application vulnerable to buffer overflow. I will be focusing on overflowing the TRUN command as it's easy to do as compared with the rest of the commands available in vuln server binary. Steps required to overflow Steps involved to perform buffer overflow on this program are Spiking Fuzzing Identifying…

In this post I will be sharing my writeup for HTB-Unicode, which was medium rated box, starting with nmap scan there were only 2 ports ssh and http, on the web server there was a template being used on which we can create an account and get a JWT token…

In this post I will be sharing my writeup for HTB-Search machine, which was a hard rated box related to Active Directory, starting with nmap scan there was a service running on port 88 which indicated that this is a domain controller as kerberos runs on 88, the web server…

Hello everyone , in this post I will be sharing my writeup for HTB-Backdoor which was a easy rated linux box, starting with nmap scan we can 3 ports out of which port 80 and 1337 were of our interest, the web server was running wordpress using a default template…

Hello everyone, in this post I will be sharing my writeup for HTB-Shibboleth which was medium difficulty linux box, starting with nmap scan the only port that was open was port 80 on which apache was running and few UDP ports. Checking the web server it was having a template…