HTB: Secret [Machine]

Checkout the official page on HTB for more information on the box, or fire up an instance and start hacking along. This is labeled as an “easy” box, but I kind of disagree with that statement. I believe its considered easy, as you’ll soon see, because you can obtain the source code for the applications running on it. Unless you have a strong developer mindset, it can be a bit difficult to figure out where the weaknesses are.
/usr/bin/cat ⏎ 

SSH Tunneling: Accessing NonExposed Applications

SSH is ubiquitous with network communication. It’s everywhere. Almost every platform you can think of has an SSH client that you can use. iPhone? Yep! Android? Yep! Linux? obviously! Windows, macOS, FreeBSD, Android, Solaris? You know it! Hell, even your web browser can be used as a remote terminal session. SSH is a powerful tool, and can do so much more than just connecting to a remote machine. Knowing how use these advanced features can really help you in your IT or development career. There are other nefarious reasons why this is useful knowledge as well. But for the purposes of this post, we’ll be using the example of a corporate network.
/usr/bin/cat ⏎ 

HTB: Delivery [Machine]

Delivery is an Easy machine on Hack the Box. Check out its official page for more information, or to start it up and follow along.
/usr/bin/cat ⏎ 

HTB: Emdee Five for Life [Challenge | Web]

And they said MD5 is useless now… MD54LYFE!~
/usr/bin/cat ⏎ 

Tomato: Vulnhub Write Up

Time to push myself. I decided to go for a “Medium to Hard” box, Tomato this time round. I’m really liking the boxes put forth by the SunCRS Team. This box really helped me solidify some tactics I struggled understand early on. Hopefully you learn something from this as well.
/usr/bin/cat ⏎ 

Cherry: Vulnhub Write Up

After my frustratingly fun adventure with Vulnhub’s Chili image, I decided to continue along and try another image from the SunCSR Team. The next image I found that was considered easy was Cherry. No hint this time. Sounds like a good time, doesn’t it? Let’s dive in! Information Gathering After discovering the IP address of my VM (192.168.1.39), I went to work running an nmap scan of the target system.
/usr/bin/cat ⏎ 

Chili: Vulnhub Write Up

Thanks for checking out my first Vulnhub Box write up! I find these boxes really helpful as I start my journey into the world of cyber security. This is not going to be a traditional walkthrough. I’ll be documenting my entire (well…most) of my thought process, and where I went wrong. Since I’m just starting my journey into the realm of Cyber Security, I hope that some of my pitfalls will help others, and learn from my mistakes. While this one was considered easy, I found it frustrating, yet exciting. It’s always a great time when you get a chance to learn something new.
/usr/bin/cat ⏎ 

Router Backdoor for When Your Upgrade Goes Awry

Hopefully this helps someone else, but it’s mostly for my own edification for if when this issues happens again. This pertains to the Netgear Nighthawk X6 | Tri-Band WiFi Router | AC3200 (R8000) but I’m sure it apply to other (similar) routers. If you’ve ever used a Netgear router, you might not have been a big fan of it’s management UI. I wanted more control over my router so I opted to go for FreshTomato. After a few months, I decided to go through the upgrade process.
/usr/bin/cat ⏎