freelancer hackthebox walkthrough

Hackthebox Freelancer walkthrough

Hackthebox freelancer is based on SQL injection. This CTF is pretty straight forward and gives learning about the SQLMap tool. Here is my way to get the flag from this CTF: The website is made out of bootstrap and php. I checked the contact form but couldn’t find anything, I was thinking at first of

Advertisements

Hackthebox: Grammar Walkthrough

Hackthebox Grammar is based on the MAC [Message Authentication Code] and how PHP handles the MAC strings also called as typejuggling. PHP tries to evaluate the MAC based on the starting strings, if it is valid numeric then it is used otherwise the value will be 0. https://www.php.net/manual/en/language.types.type-juggling.php https://www.owasp.org/images/6/6b/PHPMagicTricks-TypeJuggling.pdf Let’s get to the walkthrough: Once

Advertisements
Advertisements

OVERTHEWIRE NATAS SERIES: 24 – 25 LEVEL Walkthrough

Overthewire Natas 25 Level is based on strcmp() function vulnerability. Generally, strcmp() is used to compare two strings together, We need to generate some kind of error here so we can obtain the password for the next level. The code for the level is here: So, I tried a lot of ways to generate error

Advertisements
Advertisements

OVERTHEWIRE NATAS SERIES: 16 – 17 LEVEL Walkthrough

The walkthrough for the last level is available on this link: http://www.anonhack.in/2018/09/overthewire-natas-series-15-16-level-walkthrough/ This level is little bit similar to the last level. Here we have to perform a command injection. Let’s have a look at the source code of this level: See the highlighted text in the code above. $key variable is the one carrying our

Advertisements

GoldenEye 1 Walkthrough: Vulnhub vulnerable machine

This article is a walkthrough for GoldenEye vulnerable machine. In the description of this machine, it says that it is similar to OSCP machine. So, I have written a walkthrough on it. To download Goldeneye 1, follow the link: https://www.vulnhub.com/entry/goldeneye-1,240/ Requirements: Kali Linux or your favorite OS Virtualbox Goldeneye VM Patience So let’s dig in: Find

Advertisements
Advertisements

SkyTower CTF Walkthrough

The following article is a walkthrough for Skytower Vulnerable machine. This machine is a web application Capture the flag machine. This machine is filtered and an appropriate methodology is required here. Objectives: Obtain the flag.txt file from /root/ So let’s dive: Tools: Virtual Machine or VMware Kali OS I located the skytower vulnhub’s IP address

Advertisements

BOB Walkthrough: Vulnhub CTF Challenge

This article is a walkthrough on how I solved Bob CTF challenge. You can download Bob CTF via this link: https://www.vulnhub.com/entry/bob-101,226/. It is a Beginner to intermediate challenge and at the end we have to gain the root access and get the flag. So let’s do this: To find the vulnerable machines through your attacking machine: http://www.anonhack.in/2018/06/part-2-finding-the-ip-address-of-your-victim-in-your-vmware-hacking-lab-network/

%d bloggers like this: