Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding FTP Enumerating FTP Exploiting FTP  Understanding FTP  What is FTP? File transfer protocol is a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this. It relays command and data in a very efficient way.   How does FTP work?  A typical FTP session operates using two channels:  A command channel   A data channel  The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data.  …

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path…

Last Updated on September 28, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsLinux Privilege escalation checklistEnumerationhostnameuname -a/proc/version/etc/issueps Commandenvsudo -llsId/etc/passwdhistoryifconfignetstatfind CommandFind files:General Linux CommandsAutomated Enumeration ToolsPrivilege Escalation: Kernel ExploitsHint/notes Privilege Escalation: SudoLeverage LD_PRELOADPrivilege Escalation:…

Last Updated on March 24, 2023 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsXSS PayloadsWhat is a payload?Proof of ConceptSession StealingKey LoggerExampleBusiness LogicReflected XSSExample ScenarioPotential ImpactHow to test for Reflected XSSStored XSSExample ScenarioHow…

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding SMTP Enumerating SMTP Exploiting SMTP  Understanding SMTP  What is SMTP?  SMTP stands for simple mail transfer protocol. It is utilized to handle the sending of emails. In order to support email services, a protocol pair is required, comprising of SMTP and POP/IMAP. Together they allow the user to send outgoing mail and…

Last Updated on September 25, 2022 by aghanim Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another. A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write…