This post contains the steps to get a root shell on the Kioptrix level 2 VM.
This VM can be found here. Have a look to find even more VMs.
First, we need to discover where the machine is on our network. To do so, let’s use Nmap:
nmap -sP 192.168.1.1/24
After getting the IP address, we need to do some fingerprinting.
nmap -sV 192.168.1.42
Fig. Nmap scan result
...
This post contains the steps to get a root shell on the Kioptrix level 1 VM.
This VM can be found here. Have a look to find even more VMs.
First, we need to discover where the machine is on our network. To do so, let’s use Nmap:
nmap -sP 192.168.1.1/24
After getting the IP address, we need to do some fingerprinting.
nmap -sV 192.168.1.2
Fig. Nmap scan result
...
Hey there,
Quick blog post for the first VM I created to experiment with some of your pentesting skills.
The idea grew when I developed some security tools (especially the one (CSRFT) I presented at BSides London a few weeks ago) to create a legal environment where you could try them out.
I really liked creating this Boot2root VM. So, I’ll create a few more that will rely on each other, so keep the flags because you’ll need them for the next ones.
...
This blog post will be quite fast and will provide you with the steps to update the OpenFuck exploit.
This exploit is pretty old but you might need it if you have fun with some vulnerable VMs. Not giving any hint. :-)
Thanks to this blog, I’ve been able to update the exploit.
Here are the steps to make this work:
#include <openssl/rc4.h>
#include <openssl/md5.h>
Search for wget
This contains the solution of the VM: VulnOS.
This is my first write-up for a VM and I’m doing it for VulnOS which is hosted on VulnHub (Great resource if you want to improve your pentesting skills).
In this ’tutorial’, I’m gonna give you the steps I reproduced to get a shell on the machine.
First, start by scanning the network to discover where the host is.
nmap -sV 192.168.56.1/24
Starting Nmap 6.41SVN ( http://nmap.org ) at 2014-04-08 21:23 CEST
Nmap scan report for 192.168.56.1
Host is up (0.00049s latency).
Nmap scan report for 192.168.56.105
Host is up (0.00018s latency).
We managed to get the IP of the machine. Let’s do some fingerprinting.
...
This post is about my last project: my TV Show Manager.
I decided to start it because I wanted something really simple to download my favorite TV Shows. In this post, I’ll explain step by step how to reproduce it at home.
Basically, with this tutorial you’ll set up your Raspberry box by:
...
Well... let’s start?
This post deals with a project I developed: XSS Callback.
This is not going to be (at least, I hope) a boring post about XSS exploitation. No.
Well, one scenario of using XSS would be to steal the victim’s cookie and access the page through his session. This technique is called Session Hijacking. Ok, fair enough.
However, some issues are present when using this technique. Let’s take an example:
The only problem: the user might have logged out of the platform or there might be a timeout on the session.
...
This first post is related to one of my projects: CSRFT. CSRFT is a Cross Site Request Forgery (CSRF) vulnerabilities Toolkit.
My toolkit allows you to exploit both GET and POST HTTP requests. During some testing, I had issues with some specific forms.
Let’s take an example of such a form:
<form action="http://website.com/blog/" id="form" method="get">
<label class="assistive-text" for="s">Search</label>
<input class="field" id="s" name="s" placeholder="Search" type="text" value="Search Value"/>
<input class="submit" id="searchsubmit" name="submit" type="submit" value="Search"/>
</form>
The code injected on the page to submit the form was like this:
...
Starting my own blog has been something I really wanted to do. I’ll add posts related to my different projects but also to Web security.
Here are my different motivations:
Hope you’ll have fun reading me. Cheers and see you soon.