linux
-
Yo everyone, back with another write-up, I started with an Nmap scan and found ports 22, 80, and FTP open. FTP took a long time to respond. After visiting the web page, I checked the Apache default page and it mentioned adding team.thm to the hosts file. I added it, then ran Gobuster on the domain to…
-
Yo, back with another write-up, I started with an Nmap scan which showed ports 80 and 22 open. Obviously, I ran an aggressive scan after that. It revealed another port, but that’s a spoiler, so we’ll get to it later 😉 Next, I performed directory enumeration. There wasn’t anything interesting at first, but I did…
-
Yo, back with another write-up. This one was very easy and took me around 25 minutes to complete, so let’s get started. I began with an Nmap scan, which showed that ports 22 (SSH) and 80 (HTTP) were open. Since a web service was running, the next logical step was enumeration. After that, I used…
-
Yo, finally back with another TryHackMe writeup, I started with an Nmap scan, which showed ports 80 (HTTP) and 22 (SSH) open, indicating a web service and SSH access. After visiting the web page, I didn’t find anything interesting. I then checked the robots.txt file and noticed a disallowed path: User-agent: * Disallow: /zYdHuAKjP When…
-
Alham Rizvi “ Disclaimer : Read Before Proceeding: This guide is for educational purposes only and describes findings from controlled, lab-based experiments. Do not use the information to access systems without explicit authorization. Attempting to crack passwords on live systems can lead to IP blocks, account bans, civil liability, and criminal charges” What is Hydra?…
-
To view this room: https://tryhackme.com/room/linuxfundamentalspart1To view the Gitbook for this, view it here. Topics: Introduction Note: to actually become familiar with Linux, you need to be using it daily. Make sure you have it installed (whether that be as your host system, a dual reboot, or on a virtual machine). For pentesting, most people prefer to use Kali. The…
-
{Task 12} NSE Scripts Searching for Scripts Ok, so we know how to use the scripts in Nmap, but we don’t yet know how to find these scripts. We have two options for this, which should ideally be used in conjunction with each other. The first is the page on the Nmap website (mentioned in the previous task) which contains a list of…
-
{Task 1} Introduction Active Directory (AD) enumeration is a crucial first step in penetration testing Microsoft Windows enterprise networks. During many internal penetration tests, we are often given VPN access to the target network without user credentials. That means we need to gather as much information as possible about the domain: users, groups, computers, and policies. This will…
