ETHICAL HACKING ARTICLES AND WRITE-UPS

TryHackMe Skynet machine walkthrough

[Image: retrieved from tryhackme.com]

[Summary]

Exploitation components comprise but are not limited to:

  • Nmap and NSE scripts
  • smbclient and rpcclient
  • enum4linux
  • GoBuster
  • BurpSuite
  • THC-Hydra
  • Exploit-DB
  • Python, Bash, and PHP
  • etc

[Task 1]

nmap -sS -sV -O -T4 <ip-address> -oN basic_scan.nmap



See how Python can beat Burp Suite in brute-forcing speed and boost your hacking efficiency.

[Image: retrieved from www.analyticsinsight.net]

[Scenario]

' UNION SELECT 'a' FROM users WHERE username='administrator' AND length(password)=20--

What was the indication that this is a successful SQLi hunt? Let’s see what the BurpSuite Comparer has to offer:


TryHackMe Write-ups

The TryHackMe Overpass machine walkthrough with Burp Suite, JavaScript, John The Ripper, and LinPEAS.

[Image: retrieved from popmech.ru]

[Summary]

  • Client-side JavaScript exploitation using Burp Suite
  • Password cracking with John The Ripper
  • LinPEAS target machine enumeration
  • Privilege escalation due to target server’s security misconfiguration

[Scanning]

Nmap:



Fun and simple Wi-Fi deauthentication attack kicking your neighbour out of the network.


[Introduction]

— Hey, man, can you please turn it down a little?

— Ah, sure, dude, no problem!

And with every step back to the room the sound bar of his phone is climbing up again!

Here it goes:


TryHackMe Write-up

The HackPark educational walkthrough with Metasploit, Msfvenom, Exploit-DB, PowerShell, and RCE.

[Image: retrieved from Pinterest]

Hi, there! I’m glad you’ve joined me on this little TryHackMe HackPark walkthrough and, undoubtedly, you’ll find what you seek, whether it’s a solution to a problem or another angle on things. Let’s get started!

[Task 1] Deploy the vulnerable Windows machine

Hi, George! What a nice boat. Do you want it back?

[Task 2] Using Hydra to brute-force a login


TryHackMe Write-up

Metasploit, Exploit-DB, PowerShell, and more.

[Image: retrieved from What’s on Netflix]

Hello, there! Here’s an educational walkthrough on the TryHackMe Steel Mountain machine. If you struggle with it or just want to take a look at another approach to solving the challenge, you’re definitely in the right place! Without further ado, let’s dive into it.

[Task 1] — Introduction

What I usually start with are what I call (mainly to myself) the basic and vuln Nmap scans:

nmap -sC -sV -O $IP -oN basic_scan.nmap

nmap --script=vuln $IP -oN vuln_scan.nmap

A little breakdown of these two:


[Image: retrieved from tryhackme.com]
  1. Reconnaissance

The first thing we need to do is scan. Let’s run two Nmap scans:

  • nmap -sV -sC -O <ip-addr> -oN basic_scan.nmap
  • nmap --script=vuln <ip-addr> -oN vuln_scan.nmap

The first Nmap scan is very similar to the -A (aggressive) scan, but it doesn’t do a traceroute. The second one is meant to find potential attack vectors on the victim.

The results are presented in the following screenshot:

Basic Nmap Scan


[Image: retrieved from tryhackme.com]

To hit the ground running on exploiting the Mr. Robot machine we need some information on the target, so let’s run some basic scans which will reveal potential attack vectors. I usually start with a couple of Nmap scans:

nmap -sC -sV -O <ip-address> -oN basic_scan.nmap

nmap --script=vuln <ip-address> -oN vuln_scan.nmap

The following screenshot shows the output of the basic scan.


It’s not just a basic walkthrough but a resource to learn from.

  1. Deploy the Vulnerable Machine

At the very beginning of the penetration test, I’d like to start with two scans which I usually call basic Nmap scan and vuln scan.

Basic Nmap scan:


Walkthrough on the TryHackMe EternalBlue machine.

  1. Recon

Before tackling any machine, there are a couple of Nmap scans that I like to use:

Vadim Polovnikov

I love learning and writing about ethical hacking!
