Category: Python
-
Basic ELF Shell | PwnTools
While doing the HTB Fortress JET, I am required to overflow a vulnerable binary named leak. With limited BOF experience (strictly to Immunity Debugger), I decided this is a good time to learn how to use PwnTools. Every time we run the binary, it gives us a different memory location. We see here with a […]
-
VulnNet: dotpy | TryHackMe
Well, there’s only one place to start… Straight in with a login, we’re allowed to create a user and log in to view the dashboard for StarAdmin. After browsing around and finding the server likes to block certain characters, we find it’s vulnerable to SSTI. We discover there is a filter in place to block […]
-
Watcher | TryHackMe
A boot2root Linux machine utilising web exploits along with some common privilege escalation techniques. Medium difficulty. Starting with an nmap scan we see open FTP, SSH and HTTP. FTP doesn’t accept anonymous logins so on to poke at the web server. I like feroxbuster and initially the /dirb/common.txt wordlist for a quick overview of hidden […]
-
Wonderland | TryHackMe
Fall down the rabbit hole and enter wonderland. Medium difficulty. Starting with enumeration there’s nothing much to see. On to the web app. Dirbusting quickly leads to this page, and a folder with some images. I run them through steghide and binwalk to see if there’s anything hidden inside but don’t find anything. Further directory […]
-
IDE | TryHackMe
“An easy box to polish your enumeration skills!” As usual we start with basic enumeration. We can see, as is usual with these easy CTF boxes, we have FTP, SSH and HTTP open. FTP allows anonymous login, and there’s a file named “-” containing the following information. Hey john, I have reset the password as […]