My Study plan for OSCP!
I’m planning on taking the OSCP in Autumn 2022 but it will take a concerted effort to pass, if I even can pass. This is my plan to examine the…
Welcome to MadUnix.com
I’m planning on taking the OSCP in Autumn 2022 but it will take a concerted effort to pass, if I even can pass. This is my plan to examine the…
I spent most of 2021 either racing mountain bikes, training to race or hacking virtual machines on Offensive Computing’s Proving Grounds or TryHackMe.com. Here are some random tactics I picked…
The image above is some of the targets on Offensive Security’s Proving Grounds. It’s where we go to attack remote systems over VPN and try to get two flags and…
PwnScript: A script to query remote target for vulnerabilities. It’s under constant development and I’ll post changes here but I’d love feedback if you have something useful to add. Also…
I’m developing a pentest MindMap using FreeMind and I wanted to share it with the community. During a hiring process, I was tasked with doing a few technical challenges but…
1. ProFTP 1.3.5 vulnerable because: The mod_copy module implements SITE CPFR and SITE CPTO commands, which can be used to copy files/directories from one place to another on the server.…
Nutshell for wgel on tryhackme is: 1. Found username in source of http://target = jessie 2. Found id_rsa on http://target/sitemap/.ssh/id_rsa 3. Ssh-ed in with the id_rsa private token 4. Privilege…
Key learning opportunities here: – Exercise LFI – Local File Include by using anonymous FTP login, upload reverse-php-shell.php into ftp, then call it through a web browser or curl to…
1. Scan reveals tcp 22,80 2. gobuster/dirb shows us a wordpress installation 3. wpscan –url http://$targetIP/wordpress –enumerate u shows us two user names. (Redacted here. Figure it out.) 4. curl…
This was my first intermediate box without reading the walkthrough for hints so I’m a little stoked. I just leveraged all I learned on the beginner VMs and got through…