Jul 4eJPT in My Point of ViewI am writing a post after about a year since I have been busy with studies and work. Nowadays a lot is going on in our country and people are having a very hard time. …Cybersecurity4 min readCybersecurity4 min read
Published in InfoSec Write-ups·Jul 17, 2021VulnHub — VulnCMS:1 WalkthroughVulnCMS:1 is an easy level, Mr. Robot themed boot2root CTF challenge where you have to enumerate the box , find the CMS version, and exploit in order to gain access. Let’s start with finding the IP of the victim.Vulnhub4 min readVulnhub4 min read
Published in InfoSec Write-ups·Jul 11, 2021VulnHub — Hacksudo: ProximaCentauri WalkthroughVulnHub — Hacksudo:ProximaCentauri is a medium level boot2root challenge where you have to enumerate the machine thoroughly and exploit a CMS vulnerability in order to gain access. Let’s start with finding the IP of the machine.Vulnhub6 min readVulnhub6 min read
Published in InfoSec Write-ups·Jul 8, 2021VulnHub — Momentum 2 WalkthroughVulnHub Momentum 2 is a medium level boot2root CTF challenge, where you have to perform some code reviews very thoroughly and exploit an unrestricted file upload vulnerability in order to gain access. Let’s begin with finding the IP of the VM. I used Nmap for this purpose.Vulnhub6 min readVulnhub6 min read
Published in InfoSec Write-ups·Jun 20, 2021VulnHub — Crossroads WalkthroughVulnHub Crossroads:1 is an easy level boot2root CTF challenge where you have to exploit SMB and obtain user and root flags. Let us begin with finding the IP of the VM.Vulnhub6 min readVulnhub6 min read
Published in InfoSec Write-ups·Jun 16, 2021VulnHub — Blogger:1 WalkthroughVulnHub Blogger is an easy level boot2root CTF challenge where you have to penetrate a WordPress blog website and hack your way in Mr. Robot Style:) Let’s get into business. First of all, I used Nmap to find the IP of the VM as follows.Vulnhub5 min readVulnhub5 min read
Published in InfoSec Write-ups·Jun 9, 2021VulnHub — BlueMoon:2021 WalkthroughVulnHub BlueMoon (https://www.vulnhub.com/entry/bluemoon-2021,679/) is an easy level boot2root CTF challenge, where you have to grab 3 flags on your way towards root. Let us begin with finding the IP of the box. Nmap was used to find the IP of the BlueMoon VM as follows.Vulnhub5 min readVulnhub5 min read
Published in InfoSec Write-ups·May 16, 2021TryHackMe — Basic Malware RE WalkthroughWhy Reverse Engineer Malware? Reverse Engineering is used by security professionals for static malware analysis in order to extract useful information of the malware when creating it, such as metadata , embedded resources , encryption keys , headers etc. …Reverse Engineering7 min readReverse Engineering7 min read
Published in InfoSec Write-ups·Apr 12, 2021Exploiting a Windows-Based Buffer OverflowThis article is based on exploiting a simple buffer overflow in Windows using Vulnserver. If you don’t have an idea about buffer overflows, read my previous article about exploiting a Linux buffer overflow here, https://ravi5hanka.medium.com/privilege-escalation-in-linux-via-a-local-buffer-overflow-dcee4f9b4a49 Tools and OSs Used Victim — Windows 10 Attacker — Parrot OS Immunity Debugger (https://www.immunityinc.com/products/debugger/)Buffer Overflow8 min readBuffer Overflow8 min read
Published in InfoSec Write-ups·Mar 27, 2021VulnHub — FristiLeaks 1.3 WalkthroughVulnHub FristiLeaks(https://www.vulnhub.com/entry/fristileaks-13,133/) is a boot2root CTF challenge where you have to exploit an unrestricted file upload vulnerability, and put your efforts on some sort of decoding skills on the way towards obtaining the root flag. After downloading the vm from vulnhub, ensure that the network is set to bridged mode…Fristileaks6 min readFristileaks6 min read
