Hey guys, couple of month back I have decided to not update this medium blog. The reason behind this is, I write/take my notes in a note taking app called craft, it is simply awesome and it allows me to export the notes in various formats. However, medium won't support any of those options or at least they should have ‘markdown’ option for importing. So, I am moving to my GitHub and updating my write-ups over there.

This is a practical Walkthrough of “Breadcrumbs” machine from HackTheBox. Credit goes to helich0pper for making this machine available to us. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “Breadcrumbs” is marked as hard difficulty machine that features Apache hosting PHP…

This will be a practical demonstration of how a student on Moodle version 3.9 can able to exploit XSS vulnerability to gain teachers session and then escalate from teacher to manager to RCE to get local shell. For this to work, you should have access to student account on Moodle…

This is a practical Walkthrough of “Armageddon” machine from HackTheBox. Credit goes to bertolis for making this machine available to us. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “Armageddon” is marked as easy difficulty machine which features Apache, hosting vulnerable…

This is a practical Walkthrough of “Luanne” machine from HackTheBox. Credit goes to polarbearer for making this machine available to us. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “Luanne” is marked as easy difficulty machine that features nginx and supervisor…

This is a practical Walkthrough of “TheNoteBook” machine from HackTheBox. Credit goes to mostwanted002 for making this machine available to us and base points are 30 for this machine. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “TheNoteBook” is marked as…

This is a practical writeup of “Tally” retired machine from HackTheBox. Credit goes to egre55 for making this machine available to us. Although this machine is from 2017 but the simulation of vulnerabilities are real-to-life. Synopsis “Tally” is marked as Hard difficulty machine that features IIS web server and SharePoint CMS…

This is a practical Walkthrough of “Spectra” machine from HackTheBox. Credit goes to egre55 for making this machine available to us and base points are 20 for this machine. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “Spectra” is marked as…

This is a practical Walkthrough of “Ophiuchi” machine from HackTheBox. Credit goes to felamos for making this machine available to us and base points are 30 for this machine. Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own. Synopsis “Ophiuchi” is an medium…