This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Introduction Active Directory is the directory service for Windows Domain Networks. What is Active Directory? It’s a collection of machine and servers connected…
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Windows file system and permissions explained What is the file system? It Is the method and data structure that an operating system uses…
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Key Terms Ciphertext – The result of encrypting a plaintext, encrypted data Cipher – A method of encrypting or decrypting data. Modern ciphers…
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Cracking Basic Hashes John Basic Syntax Basic Syntax for John the Ripper commands: john – invokes the John the ripper program [path to…
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Key Terms Plaintext – Data before encryption or hashing, often text but not always as it could be a photograph or other file…
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Introduction Badly handled file uploads can lead to Remote Code Execution (RCE) if an attacker manages to upload and execute a shell. Will…
So this CTF is categorized as easy, but I would actually say that getting foothold was pretty hard. Once inside, its pretty straight forward enumeration and lateral movement if you’ve done enough information gathering. Anyway, as always I like to start with an nmap scan to see what we’re working with. # Nmap 7.92 scan…
![Attacktive Directory CTF [Walkthrough] -THM](https://book.ghanim.no/wp-content/uploads/2021/08/images.png)
https://www.tryhackme.com/room/attacktivedirectory This CTF is more “guided and less challenge based”. Its one of the more interesting Windows rooms I’ve tried on THM. Enumeration We start with NMAP scan. # Nmap 7.60 scan initiated Fri Aug 6 12:08:59 2021 as: nmap -sC -sV -oN nmap.result 10.10.195.136 Nmap scan report for ip-10-10-195-136.eu-west-1.compute.internal (10.10.195.136) Host is up (0.00046s…
https://www.tryhackme.com/room/mrrobot This is an interesting CTF where the objective is to find 3 keys. As always we start with the enumeration stage. Enumeration There are 2 ports open and 1 closed. We’ll take a look at the webserver. Interesting website. The commands show us videos and pictures, but nothing that can help us find the…
This is an interesting CTF where, based on the name of this machine, I’ll have to analyze a pcap file and try to get some information out of it. So as always, I start with the enumeration stage. Enumeration From the NMAP scan I see that port 21, 22 and 80 are open. Lets check…
Enumeration In the enumeration stage I start off by doing an NMAP scan. There are a couple of interesting ports open, among other things port 445 (SMB) and 1433 (mssql). I’ll run ‘enum4linux’ against the server. The interesting take from that scan was that it dosent require username or password to connect to SMB. We’ll…
Rclone is an amazing tool that is used to manage files on cloud storage. Its fast, easy to use and command line based. You can choose from a wide range of supported providers, such as Amazon Drive, Google Drive, OneDrive, JottaCloud and many more. See the complete list here. https://rclone.org/ In this blogpost I will…
This is a CTF on TryHackMe website. The task is that you will have to help Pickle Rick find 3 ingredients so he can turn himself back into a human. When you deploy the machine you are presented with a website. Enumeration stage The first thing I like to do is look at the source…
Intro OWASP top 10 Injection Broken Authentication Sensitive Data Exposure XML External Entity Broken Access Control Security Misconfiguration Cross-site Scripting Insecure Deserialization Components with Known Vulnerabilities Insufficient Logging & Monitoring [Severity 1] Injection Flaws occur because user-controlled input is interpreted as actual commands or parameters by the application. Injection attacks depend on what technologies are being used and how exactly the input is interpreted by these technologies. Common…
Intro Burp Suite is a framework of web appliccation pentesting tool. It is used to perform web app testing. To install burp suite follow this guide. https://portswigger.net/burp/documentation/desktop/getting-started Overview of Features Proxy – What allows us to funnel traffic through Burp Suite for further analysis Target – How we set the scope of our project. We can also use this to effectively create a site map of the application we are testing. Intruder – Incredibly powerful tool…
