technology
-
Yo everyone, back with another write-up, I started with an Nmap scan and found ports 22, 80, and FTP open. FTP took a long time to respond. After visiting the web page, I checked the Apache default page and it mentioned adding team.thm to the hosts file. I added it, then ran Gobuster on the domain to…
-
Yo, back with another write-up, I started with an Nmap scan which showed ports 80 and 22 open. Obviously, I ran an aggressive scan after that. It revealed another port, but that’s a spoiler, so we’ll get to it later 😉 Next, I performed directory enumeration. There wasn’t anything interesting at first, but I did…
-
Yo, back with another write-up. This one was very easy and took me around 25 minutes to complete, so let’s get started. I began with an Nmap scan, which showed that ports 22 (SSH) and 80 (HTTP) were open. Since a web service was running, the next logical step was enumeration. After that, I used…
-
Yo everyone! Back with another write-up, Today we’re going to solve the w1seGuy room on TryHackMe. First, download the task files provided in the room and then start the machine source.py import randomimport socketserver import socket, osimport stringflag = open(‘flag.txt’,’r’).read().strip()def send_message(server, message): enc = message.encode() server.send(enc)def setup(server, key): flag = ‘THM{thisisafakeflag}’ xored = “” for i…
-
Yo, Back with another writeup! Today, we’ll try to complete the Unstable Twin room. We start with an Nmap scan: nmap -sS -sV <IP> The scan shows that ports 22 (SSH) and 80 (HTTP) are open. What is the build number of Vincent’s server? Answer: 1.3.4-dev To find this, you can use Burp Suite: To get…
-
Yo, Back with another writeup, This one is easy, but only if you automate it. You are given usernames.txt and passwords.txt, and you need to test all the combinations. Once you do that, you’ll be able to log in and retrieve the flag from the website. Manually testing a large number of usernames and passwords…
-
Yo, finally back with another TryHackMe writeup, I started with an Nmap scan, which showed ports 80 (HTTP) and 22 (SSH) open, indicating a web service and SSH access. After visiting the web page, I didn’t find anything interesting. I then checked the robots.txt file and noticed a disallowed path: User-agent: * Disallow: /zYdHuAKjP When…
-
First, I ran an Nmap scan. It showed port 21 (FTP) was open and accepting logins, and port 80 was also open for HTTP. so first i tried to login FTP I downloaded welcome.txt and it has a message: I found this message and also you can extract the other one whale tree file. I…
-
lets gooo Task 1: Intro to AD Breaches Ini /etc/resolv.conf (after) Test Hostname Lookups Bash Why does this work? You’re instructing the DNS resolution service to search between 10.200.54.101 and 10.0.0.1 . So, let’s say you say something like this: Bash What’s happening is this: Task 2: OSINT & Phishing Read through and learn about two very common techniques…
-
Alham Rizvi “ Disclaimer : Read Before Proceeding: This guide is for educational purposes only and describes findings from controlled, lab-based experiments. Do not use the information to access systems without explicit authorization. Attempting to crack passwords on live systems can lead to IP blocks, account bans, civil liability, and criminal charges” What is Hydra?…
