Impatient person’s walkthrough for vulnhub’s DC-1
Plan A 1. discover http on 80 with drupal 7 2. Metasploit, search for drupal, find unix/webapp/drupal_drupalgeddon2 3. Set options, exploit and we have Meterpreter shell 5. Find flags in…
Welcome to MadUnix.com
Hacking Walkthroughs for Vulnhub Virtual Machines
Plan A 1. discover http on 80 with drupal 7 2. Metasploit, search for drupal, find unix/webapp/drupal_drupalgeddon2 3. Set options, exploit and we have Meterpreter shell 5. Find flags in…
1. scanned, found tcp/80 open 2. Found wordpress install 3. Found 3 usernames with wpscan. Was an old ver, could have exploited that. 4. Found hints recommending using cewl to…
Rainbow Tables are not merely precomputed databases of hashes and their password equivalents. I’ve seen this in many study resources from EC-Council to Study guides for IT Security certifications and…
1. ProFTP 1.3.5 vulnerable because: The mod_copy module implements SITE CPFR and SITE CPTO commands, which can be used to copy files/directories from one place to another on the server.…
Nutshell for wgel on tryhackme is: 1. Found username in source of http://target = jessie 2. Found id_rsa on http://target/sitemap/.ssh/id_rsa 3. Ssh-ed in with the id_rsa private token 4. Privilege…
Key learning opportunities here: – Exercise LFI – Local File Include by using anonymous FTP login, upload reverse-php-shell.php into ftp, then call it through a web browser or curl to…
1. Scan reveals tcp 22,80 2. gobuster/dirb shows us a wordpress installation 3. wpscan –url http://$targetIP/wordpress –enumerate u shows us two user names. (Redacted here. Figure it out.) 4. curl…
This was my first intermediate box without reading the walkthrough for hints so I’m a little stoked. I just leveraged all I learned on the beginner VMs and got through…
Impatient Person's walkthrough of Vulnhub / Offensive Computing's Loly Machine (Intermediate difficulty)
This is a fun box! Nmap to find TCP/22, 80 and 33060 open. Use gobuster to uncover hidden directories and look for http://192.168.120.224/admin (or whatever IP you’re targeting.) You’ll find…