Today we will be doing the walkthrough for machine called Vulnix from Vulnhub Link for the VM: https://www.vulnhub.com/entry/hacklab-vulnix,48/ Lets start: Machine ip address: 192.168.56.16 root@kali:~/vulnix# netdiscover -i eth1 -r 192.168.56.0/24 Currently scanning: Finished! | Screen View: Unique Hosts 3 Captured ARP Req/Rep packets, from 3 hosts. Total size: 180 IP At MAC Address Count Len … Continue reading Vulnix Walkthrough
DVWA SQLi Part -1
This blog is for walkthrough for DVWA exercise for SQLi injection vulnerability at low level. As we all know SQL injection means injection our own code into sql query and perform actions as per our wish along with original query or dont run the original query and run our own injected query. Lets start: This … Continue reading DVWA SQLi Part -1
Bob walkthrough
Today we will be doing Bob walkthrough. This machine is available on vulnhub at https://www.vulnhub.com/entry/bob-101,226/ Let starts. Findind ip address of the machine. Next is nmap enumeration Port 80 and port 25468 open Port 80 enumeration So we tried to execute some commands, but was failed. After trying / searching, found that more /etc/passwd | … Continue reading Bob walkthrough
Wisdom-2
Don't give up, the beginning is always the hardest
Replay Walkthrough
This is the walkthrough for Vulnhub machine called Replay. You can download this VM from : https://www.vulnhub.com/series/replay,190/ So lets start. Nmap scan show below ports are open. Enumerating port 80. Checking source code. We found something as : <!-- P1:qGQjwO4h6g -->. ( This can be useful later, let see) Gobuster scan on port 80 From … Continue reading Replay Walkthrough
Wisdom-1
To get what you want, you have to deserve what you want. The world is not yet a crazy enough place to reward a whole bunch of undeserving people. Charles T.Munger
DVWA SQLi Part -2
This blog is for walkthrough for DVWA exercise for SQLi injection vulnerability at medium level. Lets start. We will first test the application with valid inputs. So with input as 1, we are seeing the normal output. Now lets try the input for injection. Lets try with single quote('). Now we can see that single … Continue reading DVWA SQLi Part -2
Dina Walkthrough
Today we will be doing the walkthrough for VM called Dina from Touhid Shaikh Link to the machine : https://www.vulnhub.com/entry/dina-101,200/ Lets start: Scanning for the machine root@kali:~/dina# netdiscover -i eth1 -r 192.168.56.0/24 Currently scanning: Finished! | Screen View: Unique Hosts 3 Captured ARP Req/Rep packets, from 3 hosts. Total size: 180 IP At MAC Address … Continue reading Dina Walkthrough
Basic Pentesting: 1
This blog show the privilege escalation walkthrough for machine Basic Pentesting: 1 on Vulnhub Link for the machine :https://www.vulnhub.com/entry/basic-pentesting-1,216/ So we got the reverse shell from wordpress ( by uploading a custom plugin with reverse shell) root@kali:~/basic# nc -l -v -p 8886 listening on [any] 8886 … connect to [192.168.56.4] from vtcesc [192.168.56.101] 55232 Linux … Continue reading Basic Pentesting: 1
Learning and Sharing 