Hack the Box Challenge: Canape Walkthrough

September 24, 2018

Hello friends!! Today we are going to solve another CTF challenge “Canape” which is available online for those who want to increase their skill in penetration testing and black box testing. Canape is retired vulnerable lab presented by Hack the Box for making online penetration practices according to your experience level; they have the collection of vulnerable labs as challenges from beginners to Expert level. Level: Intermediate Task: find user.txt and root.txt file on victim’s machine. Since these…

Read More >>

Multiple Ways to Secure SSH Port

September 23, 2018

Secure Shell (SSH) is defined as a network protocol to operate network services securely over an unsecured network. The standard TCP port for SSH is 22. The best application of SSH is to remotely login into computer systems by users. This article will be explaining about the network securities which help the network administrator to secure the service of SSH on any server through multiple ways.  Methods Used: Port Forwarding…

Read More >>

Hack the MinU: 1 (CTF Challenge)

September 22, 2018

Hello Friends! Today we are going to solve another CTF challenge “MinU: 1” This boot2root is an Ubuntu Based virtual machine and has been tested using Virtual Box. The network interface of the virtual machine will take its IP settings from DHCP. Your goal is to capture the flag on /root. You can download it from here: https://www.vulnhub.com/entry/minu-1,235/ Level: Easy/Intermediate Penetrating Methodology Network scanning (Nmap) Web Directory Enumeration (Dirb) Found…

Read More >>

Hack the ROP Primer: 1.0.1 (CTF Challenge)

September 19, 2018

Hello friends! Today we are going to take another CTF challenge known as ROP Primer. The credit for making this vm machine goes to “Bas” and it is another capture the flag challenge in which our goal is to capture all the flags to complete the challenge. You can download this VM here. We have 3 levels available here and we are given the login credentials of all of 3 machines…

Read More >>

Hack the Box: Fulcrum Walkthrough

September 17, 2018

Hello friends!! Today we are going to solve another CTF challenge “Fulcrum” which is available online for those who want to increase their skill in penetration testing and black box testing. Fulcrum is retired vulnerable lab presented by Hack the Box for making online penetration practices according to your experience level; they have the collection of vulnerable labs as challenges from beginners to Expert level. Level: Expert Task: find user.txt and root.txt file on victim’s machine. Since these…

Read More >>

Multiple Ways to Bypass UAC using Metasploit

September 16, 2018

Hello friends!! Today we are shading light on User Account Control shortly known as UAC. We will also look how it can potentially protect you from malicious software and ignoring UAC prompt can trouble your system. Table of content Introduction to UAC What is UAC? Working of UAC 5 ways to Bypass UAC Windows Escalate UAC Protection Bypass Windows Escalate UAC Protection Bypass (In Memory Injection) Windows UAC Protection Bypass…

Read More >>

Windows Kernel Exploit Privilege Escalation

September 10, 2018

Hello Friends!! In our previous article we had discussed “Vectors of Windows Privilege Escalation using automated script” and today we are demonstrating the Windows privilege escalation via Kernel exploitation methodologies. For this purpose, we will utilize an in-built Metasploit module known as Local Exploit Suggester. The objective of this suggester is to just identify what parts of a system can be exploitable and to give us an insight on the…

Read More >>

Hack the Box: Poison Walkthrough

September 8, 2018

Hello everyone and welcome to yet another CTF challenge from hack the box, called ‘Poison,’ which is available online for those who want to increase their skill in penetration testing and black box testing. Poison is a retired vulnerable lab presented by Hack the Box for making online penetration testing practice suitable to your experience level; they have a large collection of vulnerable labs as challenges, ranging from beginner to expert…

Read More >>

Window Privilege Escalation via Automated Script

September 8, 2018

We all know that, after compromising the victim’s machine we have a low-privileges shell that we want to escalate into a higher-privileged shell and this process is known as Privilege Escalation. Today in this article we will discuss what comes under privilege escalation and how an attacker can identify that low-privileges shell can be escalated to higher-privileged shell. Table of Content Introduction Vectors of Privilege Escalation Windows-Exploit-Suggester Windows Gather Applied…

Read More >>

Hack the /dev/random: K2 VM (boot2root Challenge)

September 7, 2018

Hello friends! Today we are going to take another CTF challenge known as /dev/random: k2. The credit for making this vm machine goes to “Sagi-” and it is another boot2root challenge in which our goal is to get root to complete the challenge. You can download this VM here. We are given the credentials to login the VM machine (user:password) Let us start form getting to know the IP of…

Read More >>