Infosec Write Ups

​ Mr. Robot is an Easy difficulty Linux machine of TryHackMe. Here we will find a Wordpress site and we will take advantage of a provided dictionary to attack the login form, allowing us to put a php reverse shell on the site to get a foothold.After that, Linux Smart…

Description: what is 403 forbidden bypass? Bypassing 403 Forbidden Error indicates that the client was able to communicate with the server, but the server won’t let the client access what was requested. Dir brute: Brute-force after 403 forbidden dir. And choose the right wordlist. Like your targeted website running on…

Shell is a program that takes commands from the keyboard and gives them to the operating system to perform. Shell is a program that takes commands from the keyboard and gives them to the operating system to execute. The common bash or sh programs in Linux are examples of the…

Introduction Hi, I am Syed Mushfik Hasan Tahsin aka SMHTahsin33, a 18 Y/O Cyber Security Enthusiast from Bangladesh. I am into Infosec due to curiosity and I do bug bounties in free time. Working in this sector for about 2.5+ Years now. Getting Into the Target Let’s dive into…

WPScan is a black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites. In part one, we have completed the learning for Gobuster section. So, in this post, we will continue to explore the WPScan section of this room. WPScan is…

A walkthrough on the CVE-2022–30190, the MSDT service, exploitation of the service vulnerability, and consequent detection techniques and remediation processes Task 1: Introduction Microsoft explains that “a remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this…

Meow Starting Point HackTheBox Walkthrough[Writeup] Meow is a very good Challenge by HackTheBox for starting to practice Hacking skillls. So without any delays let’s get into it.

This is a writeup for the retired machine RouterSpace from Hack The Box Link: https://app.hackthebox.com/machines/444 Setting-up the Environment For this machine we will need an Android Emulator and Burpsuit or OWASPZap connected with that android emulator. I have solved this lab on my Windows machine. Android Emulator — There are various type of…