The Wire Shark -

Billing

Starting off with a Rustscan revealed that ports 22, 88, 3306, and 5038 were open I headed to port 80 to see what I could find. I was greeted with a login page. I tried the normal few usernames and passwords with no luck. I moved to SQL and other tricks, but no luck there. […]

Stable Shells

So now you have your rev shell, but now what? Are you looking at a low-quality shell with no tab to complete or all the fun features you have come to enjoy? You will need a stable shell if you want to be able to use certain commands like su and sudo. The good news […]

mKingdom

mKingdom room can be found here. I started off with a Rustscan, I also did a full Nmap scan but nothing new to add. HTTP is being hosted on port 85. Going to the website, I was greeted with a fine image to remind me of my failures in life. A little too soon, Bowser. […]

Cyber Heros

Explore the TryHackMe Cyber Heros box in this write-up. Learn how to scan ports with Nmap, enumerate directories with Gobuster, reverse the password, and capture the flag

Installing Rustscan

Sometimes you want to get a quick scan done and Nmap can take a while. This is where Rustscan can speed things up, I will walk you through installing and using Rust on Kali Linux. The Git Hub page can be found here You can get the Kali download here. Please note that you will […]

Cap VM – Hack The Box

https://app.hackthebox.com/machines/Cap This is a very easy box. With Hack The Box, it takes a long time to run nmap. I started nmap and loaded up the IP in my web browser to see if there was a website. Enumeration Initial Web Enumeration Visiting http://10.10.10.245/, the title page mentioned /ip. However, instead of running wfuzz immediately, […]

TryHackMe – IDE Walkthrough

Introduction In this write-up, I will walk through my process of exploiting the TryHackMe IDE machine, gaining an initial foothold, escalating privileges, and ultimately capturing the root flag. Enumeration 1. Scanning for Open Ports I started with an Nmap scan to discover open services: This revealed the following key findings: 2. FTP Enumeration Anonymous FTP […]

TryHackMe – IDE Walkthrough

In this write-up, I will walk through my process of exploiting the TryHackMe IDE machine, gaining an initial foothold, escalating privileges, and ultimately capturing the root flag. Enumeration 1. Scanning for Open Ports I started with an Nmap scan to discover open services: This revealed the following key findings: 2. FTP Enumeration Anonymous FTP access […]

Investigating an Android Backup – Hack The Box Write-Up

Challenge Overview This challenge provided a downloadable file named cat.ab, which was identified as an Android Backup file. The goal was to analyze the backup and extract hidden information, ultimately leading to the discovery of the flag. Step 1: Identifying the File Type After downloading the file, I used the strings command to inspect its […]

Stegseek: Fast and Efficient Steganography Too

Introduction Steganography is the practice of hiding information within digital media, such as images or audio files. One common steganographic technique involves embedding hidden messages inside JPEG images using tools like Steghide. However, retrieving these hidden messages can be time-consuming, especially when dealing with password-protected files. This is where Stegseek comes in. Stegseek is a […]