Penetration testing checklist for Linux
The Linux penetration checklist is a list of points that you should always look into while pentesting any Linux box. It covers points from initial foothold to privilege escalation.
Crack the TCS Digital interview with a few tips and tricks. Know where to focus, what to improve, what to learn.
Querier is a medium-level Windows machine. It exploits the mssql-server running on the box. The privilege escalation to administrator exploits GPP XML files.
When a normal user is part of the lxd group, they can easily escalate their privileges to root. `security.privileged=true` creates a privileged lxd container.
Hey pentesters! In this blog post, I am gonna walk you through Canape, which is a medium Linux machine from HackTheBox. Summary The initial foothold on the box is based on Python pickle injection that leads to remote code execution. Privilege escalation to user exploits a vulnerability in CouchDB that can be leveraged to create a dummy user with the _admin role.…
Hi! This is Shreya Pohekar. And today, it's time for Admirer from HackTheBox. So it was an "easy" rated machine, still, it needed a vigilant eye to make it through. Summary The initial foothold on the box required a lot of enumeration. The creators of the box really wanted to take a note of every detail. Getting the user required to have…
The internet is on a boom. Enterprises, small or large, and individuals have completely moved over to the virtual world. I get so intimidated by the fact that one just needs a laptop and internet and you possess the power to transform the generations!! The internet has provided us with endless capabilities, but the greater the presence, the greater the security risk!! Why…
We generate an enormous amount of data every day working with virtual machines. Several files are so important that one can't afford to lose them. But what if, one day, you realize that your virtual machine has crashed for some reason and all your data is gone forever? Seems like a nightmare that no one wants to encounter. Most of us take file backup on github,…
Hey all! In this blog post, we'll be walking through Blunder from HackTheBox. Blunder is an easy-level Linux machine. Summary The initial foothold on the box requires a bit of enumeration to find out the correct user who can log in to the CMS, Bludit. There is a file upload vulnerability in the CMS that gets the initial shell on the box.…
Waldo is a medium Linux machine from HackTheBox. The initial foothold on the box is based on understanding a bunch of .php files that leads to sensitive file read, such as the SSH private key. Once inside the box, Linux enumeration shows that there is a docker running. The user of the docker needs to be guessed to get successful entry to…
Hey fellow hackers! This post will guide you on how to own Resolute from HackTheBox. Resolute is an easy-rated machine. The box has a very straightforward initial foothold. But owning the administrator is a bit tricky. It depicts another instance of an AD group membership privilege escalation. So let's get started!! Run the nmap scan to retrieve all the open…
Hey everyone! This is Shreya, and this blog post covers the step-by-step guide to pwn SecNotes from HackTheBox. SecNotes is a medium Windows machine. Initial foothold on the box is based on exploiting the SQLi on the login page, where we get the creds to access the SMB share. Since we have read/write access on the share, we will be exploiting…
Hey all! This is Shreya Pohekar. This walkthrough will solve Jarvis from HackTheBox. Jarvis is an easy Linux machine. The initial foothold on the box is based on exploiting the SQLi to gain the creds of dbadmin. phpMyAdmin is accessible to the users and can be logged into with the creds of dbadmin. The initial shell can be obtained by uploading a web shell…
Using a weak password can always be problematic. Let's see how selecting a weak secret key can lead to privilege escalation in JWTs.
Nowadays JWTs are widely used as an authorization standard and allow for secure information transmission. There are a lot of features that make JWT the first choice to implement. So let's dive into the blog post to uncover the basic terminology of JWT, learn to build a JWT from scratch, and know about its working. What is JWT?? It stands for JSON Web Tokens.…