In this challenge, we got an idea of what a CTF looks like and what the procedures are for finding the hidden flags. There are multiple approaches to exploiting vulnerabilities in the system to gain access and escalate privileges. I hope you enjoyed the walkthrough. K...
Instant root! Overall, I found this machine to be good fun, enjoyed looking into the exploit (given its severity) and liked the fact there were multiple ways to exploit the target - I learned a lot.
About: Write up and walkthrough of TryHackMe's Bugle Machine
Here, the previous vulnerabilities have been fixed, and the login form is no longer vulnerable to SQL injection. The team has added a new note function, allowing users to add notes on their page. The goal of this challenge is to find the vulnerability and dump the database to find the f...
Searching for RFI vulnerabilities affecting Cuppa CMS leads to https://www.exploit-db.com/exploits/25971. Let’s confirm the vulnerability: `$ curl -s http://10.10.67.236/45kra24zxs28v3yd/administrator/alerts/alertConfigField.php?urlConfig=../../../../../../../../../etc/passwd` ...
Learn to use Metasploit, a tool to probe and exploit vulnerabilities on networks and servers.

### [TASK 2] Initializing...

First things first, we need to initialize the database! Let's do that now with the command: `msfdb init`. Before starting Metasploit, we can view some of the ad...
Pentesting (Walkthroughs) BasicPentesting Web Enumeration Linux Enumeration Brute Forcing Hash Brute Forcing SSH Key CC: Pen Testing Network Enumeration Web Enumeration Exploitation SQL Injection SMB Enumeration Brute Forcing Hash Misconfigured Binaries Common Vulnerabilities and Exposures (CVE) Sudo Secur...