today we will be learning about how to Sending mails from node js. To make a simple website at first we need to initialize a simple express app we require express, path, body-parser, nodemailer. First we need to make install all of these modules with. we initialize express with var app = express(); than we […]
Redcross Writeup / Walkthrough Hack the box
Redcross writeup Summery TL;DR This Writeup is about Redcross on hack the box. It was a Linux box. It starts off with web exploitation via xss on admin stealing his cookies to login to the admin panel. Than command injection in the firewall to get a shell as www-data after recon we find the password […]
Enterprise Writeup / Walkthrough Hack the box
Enterprise Writeup TL;DR This Writeup is about Enterprise, on hack the box. It was a Linux box. It starts off with a SQLInjection for an initial foothold. We dump a database find passwords login to WordPress and get a shell. There we find we are in a docker network. So we port forward a host and […]
Traverxec Writeup / Walkthrough Hack the box
Traverxec writeup Summery TL;DR This Writeup is about Traverxec, on hack the box. It was a Linux box. It starts off with a public exploit on Nostromo web server for the initial foothold. Then we enumerate and find a directory readable by www-data inside a david users home directory there we find a ssh key […]
Postman Writeup / Walkthrough Hack the box
Postman Writeup Summery TL;DR This Writeup is about Postman, on hack the box. It was a Linux box that starts off with Redis exploitation to get an initial foothold. Then we enumerate and find an encrypted ssh key of matt. Next, we crack the ssh key’s passphrase. We use the same credentials on the Webmin […]
Heist Writeup / Walkthrough Hack the box
Heist Writeup Summery TL;DR This writeup is about Heist, it was a windows box that starts off with a webserver we log in as a guest. There we find a config file in which we find encrypted hash’s. from there we get the password. we do a deep port scan find a winrm open we […]
The hardest CTF challenge I have ever played.
When I joined hack the box 6 months back I didn’t know what to do I was trying different machines and I was not able to compromise any. played CTF’s before and won them but this was really new CTF challenges were easier than this. I am writing this in a OSCP prep context because […]
Exploit Education Phoenix | Practical Stack Exploitation
Stack Exploitation like a pro. Stack Exploitation seems pretty intense although it’s easy. In this post, we’ll solve all the stack challenges there are 6 stack exploitation challenges in Pheonix CTF. This is a series of stack exploitation challenges. Starting from Stack zero which is a memory overwriting challenge advances by each level. If you […]
Exploit Education Phoenix | Practical Binary Exploitation
This is a practical guide on a number of binary exploitation techniques, if you are a binary exploitation noob then this is the guide for you. ever wanted to learn about reverse engineering but didn’t because it was too hard? there was a lot of advanced material but not much for noobs. Say no more […]