VulnHub Write-Up Kioptrix Level 1

How I obtained root access on the Kioptrix Level 1 virtual machine from VulnHub.

Introduction

I am a frequent visitor of several information security communities and blogs. Whenever someone asks a question along the lines of “Are there any real world vulnerable by design challenges” the Kioptrix series keeps getting mentioned. I thought I’d bite the bullet and see what the Kioptrix challenges are all about starting with Kioptrix Level 1 which can be downloaded here.

Virtual Hacking Labs Penetration Testing Course Review

A review about the Virtual Hacking Labs Penetration Testing Course and vulnerable by design lab infrastructure.

Introduction

After completing my eLearnSecurity Certified Professional Penetration Tester v4 (eCPPT) exam I wanted to keep my skills sharp and put my newly gained penetration testing knowledge to the test in a practical lab environment. While visiting the netsecstudents Reddit I found several posts discussing Virtual Hacking Labs.

Hack The Box Write-Up Valentine

How I obtained root access on the Valentine machine from Hack The Box.

Introduction

Hack The Box is an online platform that hosts virtual machines that are vulnerable by design to sharpen one’s penetration testing and security skills. Valentine was a fun machine to compromise as it suffers from a very well-known vulnerability. In addition to this well-known vulnerability one needs several other puzzle pieces to gain root access. This makes the Valentine machine an interesting learning experience.

Hack The Box Write-Up Chatterbox

How I obtained system access on the Chatterbox machine from Hack The Box.

Introduction

Hack The Box is an online platform that hosts virtual machines that are vulnerable by design to sharpen one’s penetration testing and security skills. Gaining system access on the Chatterbox machine is not very complex as an initial low privilege shell can be obtained through a service with a known vulnerability and publicly available exploit. Elevating privileges and gaining system access can be a bit more challenging as it requires some more advanced techniques.

Post Exploitation File Transfers on Windows the Manual Way

Post exploitation techniques for file transfers on Windows operating systems without the use of Metasploit or other advanced tools.

Introduction

No Metasploit! you told yourself, as you accepted the challenge of creating an exploit manually. Taking your time carefully preparing the exploit, will it work, will I get a shell? You run the exploit and are greeted with a reverse cmd.exe shell on the Windows victim, your excitement soon fades however as the post exploitation phase begins you need a way to transfer files. Fear not as there is a multitude of ways to transfer files to and from a Windows victim without advanced tools such as Metasploit.

Pagination


© 2018. All rights reserved.