hackthebox HackTheBox - Blunder | Walkthrough Recon Starting with an nmap scan: nmap -A 10.10.10.191 -o nmap Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-31 17:45 +0545 Nmap scan report for
hackthebox HackTheBox - Quick | Walkthrough Recon export ipaddress=10.10.10.186 ports=$(nmap -p- --min-rate=1000 -T4 $ipaddress | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//); nmap
hackthebox HackTheBox - Admirer | Walkthrough Recon Starting off with an nmap scan. Let's see what's open. export ipaddress=10.10.10.187 ports=$(nmap -p- --min-rate=1000 -T4 $ipaddress | grep ^[0-9] | cut -d '/'
hackthebox HackTheBox - Cascade | Walkthrough Enumeration Let's start! First let's create a directory for this box. mkdir ~/hackthebox/cascade cd ~/hackthebox/cascade Now, to find out what's going on in the box, let's run nmap.
hackthebox HackTheBox - Magic | Walkthrough Enumeration export ipaddress=10.10.10.185 ports=$(nmap -p- --min-rate=1000 -T4 $ipaddress | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//); nmap
hackthebox HackTheBox - Traceback | Walkthrough Enumeration vi /etc/hosts 10.10.10.181 traceback nmap -A 10.10.10.181 -o traceback/nmap ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 httpd Apache httpd 2.4.29
hackthebox HackTheBox - Sauna | Walkthrough Enumeration nmap -A 10.10.10.175 -o nmap Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-22 23:19 +0545 Nmap scan report for 10.10.10.175 Host is
hackthebox HackTheBox - ServMon | Walkthrough As always, let's start with an nmap scan: ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.184 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',
hackthebox HackTheBox - Resolute | Walkthrough Recon nmap -A 10.10.10.169 enum4linux 10.10.10.169 > enum cat enum | grep "Account:" You should see some accounts and some creds Make a
xss The XSS Methodology | Finding Cross-Site Scripting Vulnerabilities Recently, one of my friends asked me about my methodology while looking for Cross-Site Scripting, so I decided to do a blog post on it. Here, I will not be
alpine-linux Setup your Private VPN server with AWS EC2, Alpine Linux and OpenVPN in Minutes! Easily set up your private VPN server with AWS EC2, Alpine Linux and OpenVPN in just a few minutes!
Laravel 7: Add a New username Field to the Default Authentication First of all, you need to add the username field in the users table. To do that, add the following in create_users_table.php $table->string('username'); Now, migrate it. php artisan migrate:refresh Add it in the User.php model in
HackTheBox - OpenAdmin | Walkthrough Recon As always, let's start with an nmap scan. export ipaddress=10.10.10.171 ports=$(nmap -p- --min-rate=1000 -T4 $ipaddress | grep ^[0-9] | cut -d '/' -f 1 | tr
HackTheBox - Traverxec | Walkthrough Enumeration Checking connection: ping 10.10.10.165 Finding out more about the webserver: nmap -A 10.10.10.165 -o nmapresults.txt We see that on port 80, there's a Nostromo service running. Let's see if there's an exploit for it. Checking for
Bug Bounty Hunting Tools setup in Alpine Linux in a Docker! Bug Bounty Hunting Tools set up in Alpine Linux! Link to GitHub repo: https://github.com/abhizer/alpine_linux_bbht I was working with an Ubuntu docker but then decided to switch to Alpine because it's lightweight and minimal. And, just wanted to
Setting up a Python Development Environment with Docker and Alpine Linux! First, download and install Docker Desktop on your computer. Once you are done with that, you can follow the steps here to create a development environment! Setting up the Docker First pull the docker image: docker pull alpine Verify that it has been downloaded:
Passing Terminal traffic through BurpSuite To pass terminal traffic through Burp, first open up Burp and then you should probably turn the Intercept off. At least, that is what I like to do. We will be using Proxychains here. So, first, let's configure it. vi /etc/proxychains.conf Go
What if I told you that you could make millions, legally, from your home, hacking tech giants? Introduction to Technology and Hacking As we're diving deeper into this fascinating well of technology, it is very possible for us to be naive and forget about the security risks that we might face. The deeper we go, the darker it gets. With this,
recon.sh - Simple recon script A very simple recon script that uses the previous subdomains.sh script, plus httprobe and waybackurls by @tomnomnom, and then uses dig to find their IP addresses. GitHub link: https://github.com/abhizer/recon.sh
subdomain.sh - Compiles the outputs of findomain, sublist3r and assetfinder As I am getting started with Bug Bounty hunting, I've found that subdomain enumeration is a key component to it. And, there are a lot of tools that can be used for it, each with their own pros and cons. So, I decided to
HackTheBox - Postman | Walkthrough Postman is an easy-marked box in HackTheBox. It just retired, and here's my writeup! First, let's add the hostname postman to the hosts file so that we don't always need to type in the IP address. vi /etc/hosts Hit i (going to
Laravel 6 - php 7.4 | MySQL Errors Fix SQLSTATE[HY000] [2006] & SQLSTATE[HY000] [2002] So, when I was creating my first laravel 6 app and trying to connect it to the database, I got these two errors: PDOException : SQLSTATE[HY000] [2006] MySQL server has gone away Illuminate\Database\QueryException : SQLSTATE[HY000] [2002] Connection refused (SQL: select * from information_
FIXED : Composer - [ErrorException] "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? I had been away from laravel for a few months and today, when I decided to take a look at it again and install laravel/valet, the composer just wouldn't work. Abhizer@Abhizer > ~/Development > composer global require "laravel/valet" Changed current directory to /Users/
Windows Privilege Escalation: DNSAdmins to Domain Admins - Server Level DLL Injection Say you have compromised a Windows machine that provides Active Directory Domain Services to its users and have gained access as a user who is a member of the DNSAdmins group. In that case, you can use this method to escalate privileges. Here, what we're doing is:
cracking ssh Crack SSH Keys (id_rsa) with John & rockyou.txt | Password Cracking With John, we can crack not only simple password hashes but also SSH Keys. It is pretty simple, so let's get started. #copying the SSH Key that we have to crack cp ~/.ssh/id_rsa id_rsa We will need a script, ssh2john.py.