-
What to do after SQL injection: Finding Admin Panel
We have already talked about Error Based SQL Injection. If you missed my article on that here is the link: http://www.anonhack.in/2018/04/sql-injection-part-4getting-admin-password/ The question that arises after getting the username and MD5 hash as password is “where do you use those credentials?” The answer to this is simple if there is a user table with password, there…
-
JIS-CTF- Jordan Infosec Capture The Flag Challenge – Walkthrough
This article is a walk through on Jorder InfoSec CTF challenge: https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/ This is a basic web challenge consisting of 5 flags. I ran it on Virtualbox with bridged mode. This app doesn’t require kali os. You can do it on windows as well. To find the vulnerable machines through your attacking machine: http://www.anonhack.in/2018/06/part-2-finding-the-ip-address-of-your-victim-in-your-vmware-hacking-lab-network/ Let’s see the…