NeilSec: Security Learning Blog

Pentesting, infosec, hacking, learning.

  • Home
  • Knowledgebase

VulnHub VM: Stapler

2017-11-20 by Neil Leave a Comment

This has turned out to be quite a fun box to attack because it has multiple ways in and supposedly multiple escalation methods too. I prefer this sort of CTF to the ones where they hide passwords in Base64 encoded jpgs in the page source and that sort of thing. This is less of a puzzle/game and more realistic, albeit an unrealistically badly configured security setup. N.B. when I write these up, I write as I'm doing it so it's not a carefully edited walk-through as such but more of a record (for myself) as to what I did, as I did and the thought-processes which I'm hoping to Continue Reading

LazySysAdmin 1 – revisited

2017-10-13 by Neil 1 Comment

In this post https://neilsec.com/ctf/vulnhub-lazysysadmin-1-ctf-attempt/ I had a crack at the LazySysAdmin VM from VulnHub and found the hidden flag. However it seemed a bit odd/easy to just enumerate some website directories and find a password, whilst ignoring all the Wordpress and myphpadmin bits. So I thought I'd have another look at it to see if there were other ways of rooting the box. Back to Wordpress So going back to the Wordpress site, I had a go at the login page using the credentials. WPSCAN had earlier told us that Admin was a valid username and so I tried the database Continue Reading

Vulnhub: LazySysAdmin 1 – CTF attempt

2017-10-13 by Neil Leave a Comment

I've never tried a VulnHub box before. I initially downloaded the Bulldog one but couldn't even work out what its IP address was! LazySysAdmin 1 caught my eye. Apparently created as the author failed his OSCP - my kind of guy and this one seems to pick up DHCP OK so found it on 192.168.3.20 First off some nmapping to see what's there: Initial Enumeration (makes it sound like I have a formal plan, which I don't, but should) root@kali2017-1:~# nmap -sS 192.168.3.20 Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-13 08:22 BST Nmap scan report for 192.168.3.20 Host is up (0.00025s Continue Reading

Securi-Tay 2017 CTF Walkthrough.

2017-09-11 by Neil Leave a Comment

Googling around the web for a CTF (Capture The Flag) project to try my fledgling hacking skills on I found https://maze.pentest-challenge.co.uk/ the easiest one marked "novice" for something called Securi-Tay 2017. Hopefully their definition of "novice" is similar to mine. I call it a "walkthrough" but it's not a guide intended to follow, more of a diary of what I did right and wrong. On booting the CTF virtual machine, it tells us which IP address to target. In my case it's 192.168.3.99. An nmap scan shows only port 80 running Apache/2.4.10 (Debian). Browsing to the provided IP, we  Continue Reading

« Previous Page

About Me

I’m currently a systems admin / consultant at a IT firm who looks after the computer systems of small businesses in the UK. IT security is only a part of that job. However I’ve always enjoyed breaking into, getting around, subverting and otherwise hacking things, systems and ideas. In tackling some low-level IT security tasks I reignited my interest in the field and this blog charts my progress in the world of Computer Security, legal Hacking, Penetration Testing, Infosec – whatever you want to call it. As a Windows guy I’m learning about Linux, shell-scripting, python and all the other skills needed in this field.

Tags

Apache Boot-to-Root CTF curl dib Dirbuster FreeBSD Hack The Box Linux mysql NFS Penetration Testing PHP RCE shell VulnHub Wordpress

Categories

© 2023 · NeilSec;