Posts by Tag

gamehacking

Back to Top ↑

cheatengine

Back to Top ↑

ctf

Back to Top ↑

jeopardy

Back to Top ↑

reverse-engineering

Back to Top ↑

dome ctf

Back to Top ↑

idor

Back to Top ↑

rce

Back to Top ↑

bugbounty

Back to Top ↑

smb

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

privesc

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

windows

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

bloodhound

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

spark

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

winrm

Tryhackme Ra Walkthrough

Ra is a windows machine which starts with a typical business website for Windcorp where there is a password reset function which can be used to change a user’s password to gain access to a SMB share to download spark live chat application which is vulnerable that can be used to harvest a user’s NTLM hash that can be used to gain initial access to the machine.On further exploring the machine a script can be seen that contains a username who’s password can be changed since the user has extended rights to change password as he is a member of the account operator group.Analysing the script we can see that there is command injection vulnerability that can be abused to gain admin privilege and pwn the machine

Back to Top ↑

hackthebox

Back to Top ↑