This is a practical walkthrough of the “Ready” machine from HackTheBox. Credit goes to bertolis for making this machine available to us, and base points are 30 for this machine.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Synopsis

“Ready” is a medium-difficulty Linux machine that features GitLab in a Docker environment. The running GitLab version, 11.4.7 Community Edition, is vulnerable. Two distinct vulnerabilities exist in this version of GitLab: SSRF and CRLF. Combining both vulnerabilities, we can gain initial access on the target machine. Then we need to…


This is a practical walkthrough of the “Time” machine from HackTheBox. This machine is marked as medium level. Credit goes to egotisticalSW & felamos for making this machine available to us, and base points are 30 for this machine.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Synopsis

“Time” is a medium-difficulty Linux machine that features an Apache server hosting a PHP website. The website homepage is “Online JSON beautifier & validator”. Many websites offer APIs, which will return data in JSON format. Often the JSON provided has white space compressed to reduce the…


This is a practical walkthrough of the “Passage” machine from HackTheBox. This machine is marked as medium level. Credit goes to ChefByzen for making this machine available to us, and base points are 30 for this machine.

This walkthrough will be explanatory, because I learned a lot of new things from this machine. So, don’t mind my blabbering.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Enumeration

We will kick off this machine by enumerating with nmap.


This is a practical walkthrough of the “ScriptKiddie” machine from HackTheBox. Although this machine is marked as easy level, for me it was kinda intermediate level. Credit goes to 0xdf for making this machine available to us, and base points are 20 for this machine.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Enumeration

We will kick off this machine with nmap enumeration.


This is a practical walkthrough of the “Delivery” machine from HackTheBox. Although this machine is marked as easy level, for me it was kinda intermediate level. Credit goes to ippsec for making this machine available to us, and base points are 20 for this machine.

This walkthrough will be explanatory, because I learned a lot of new things from this machine. So, don’t mind my blabbering.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Enumeration

We will kick off this machine with nmap enumeration.


This is a practical walkthrough of the room “Watcher” from TryHackMe. Although this room is marked as easy level, for me it was kind of a medium level. This room is aimed at Boot2root, Web exploitation, Privilege escalation, LFI.

Room Link: https://tryhackme.com/room/watcher

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

First Things First

Deploy the target machine (this machine might take up to 3–5 minutes to load and become accessible). There are two ways to access the deployed target machine. 1) Use attacker box — Provided by TryHackMe, it consists of all the required…


Room Link

This is a practical walkthrough of the room “Retro” from TryHackMe. Although this room is marked as hard level, for me it felt like medium level.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

First Things First

Deploy the target machine (this machine might take up to 3–5 minutes to load and become accessible). There are two ways to access the deployed target machine. 1) Use attacker box — Provided by TryHackMe, it consists of all the required tools available for attacking. 2) Use OpenVPN configuration file to connect your machine…


This is a practical walkthrough of the “Laboratory” machine from HackTheBox. Although this machine is marked as easy level, for me it was kind of a crazy level. Credit goes to 0xc45 for making this machine available to us, and base points are 20 for this machine.

This walkthrough will be explanatory, because I learned a lot of new things from this machine. So, don’t mind my blabbering.

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

Enumeration

We will kick off this machine by enumerating using Nmap.


This is a practical walkthrough of the room “Inferno” from TryHackMe. Although this room is marked as medium level, for me it felt difficult. This room is aimed at HTTP basic auth, IDE exploit and Linux PrivEsc.

This walkthrough will be explanatory, because I learned a couple of new things from this room. So, don’t mind my blabbering.

Room Link: https://tryhackme.com/room/inferno

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

First Things First

Deploy the target machine (this machine might take up to 3–5 minutes to load and become accessible). There are two ways…


This is a practical walkthrough of the room “En-Pass” from TryHackMe. Although this room is marked as easy level, for me it was kind of difficult level. This room is aimed at tricky web application exploits and PrivEsc.

This walkthrough will be explanatory, because I learned a couple of new things from this room. So, don’t mind my blabbering.

Room Link: https://tryhackme.com/room/enpass

Passwords, hashes and Flags will be redacted to encourage you to solve those challenges on your own.

First Things First

Deploy the target machine (this machine might take up to 3–5 minutes to load and become accessible). There are two ways to…

Aniket Badami
