TryHackMe - Python for Pentesters

Introduction: Python can be the most powerful tool in your arsenal as it can be used to build almost any of the other penetration testing tools. We will cover several key areas that will be useful during engagements and help you better understand Python. We are not learning to become a developer; our objective is to become a penetration tester. This room will give you pointers on which you can build and improve....

December 6, 2021 · 6 min · jincx

Python Basics - Quick Guide

Introduction: Python is one of the most widely used, easy-to-learn, quick-to-understand and most convenient scripting languages, especially for cybersecurity, data science and machine learning. The learning curve is simple enough to pick up, and if you search for it you can find a library for almost everything you wish to automate. History: Python is an interpreted high-level programming language, meaning it reads and executes code line by line instead of compiling it all at once like Golang or C#, etc....

December 1, 2021 · 6 min · jincx

HackTheBox - Intelligence

This machine is classified as Medium difficulty by Micah but may seem hard, as it takes tons of enumeration against a domain controller with a webserver running. On the webserver, we will find a document uploads folder. Using its naming convention, we will brute-force each and every uploaded document, as their metadata contains usernames, which eventually leads to getting a default password. We will password spray with the enumerated users and find one valid user....

November 27, 2021 · 8 min · jincx

HackTheBox - Popcorn

This box was classified as a medium box by ch4p on HackTheBox. It is also categorized as an OSCP-style box on TJNull’s list. While enumerating port 80, we find an instance of TorrentHoster where we get to upload an image and bypass its filtering to get our initial foothold. For privilege escalation, we leverage CVE-2010-0832 to get root. OS: Linux; Difficulty: Medium; IP Address: 10.10.10.6; Status: Retired. Phase 1 - Enumeration: Nmap. As usual, we start off with an Nmap scan to identify open ports:...

November 10, 2021 · 5 min · jincx

HackTheBox - Cap

This box is classified as easy, but we at CovertBay decided to classify it as super easy, thanks to InfosecJack on HackTheBox. The web application page did not have any kind of authentication and allowed us to download packet capture files (.pcap) which, when analyzed, reveal an FTP username and password that are also the credentials for SSH. Once logged in, as this box’s name suggests, the privilege escalation path is via Linux capabilities....

November 9, 2021 · 3 min · jincx