104 Introduction First of all we are going to do some file checks, to see the binary protections and determine the file type pwn104.pwn104: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=60e0bab59b4e5412a1527ae562f5b8e58928a7cb, for GNU/Linux 3.2.0, not stripped We can see that the binary is a 64 bit Least Significant Byte executable, in other words it uses little endian. The binary is dynamically linked to a LIBC and it is not stripped.

Hello and welcome to another writeup, this was actually a CTF hosted by she hacks and I will take you through, how to move your way through graphql API easily. I will be using Altair which is a browser extesion, easy to set up and use. Let us begin. WHAT IS GRAPHQL? Graphql is an open source data query and manipulation language for API and a query runtime engine. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type.

Hello guys and welcome to my walkthrough along this journey of binary exploitation. In this wreiteup we shall be handling the pwn101 room on tryhackme. Before jumping into this room, there are some prerequisites to complete the challenges: 1. C programming language 2. Assembly language (basics) 3. Some experience in reverse engineering, using debuggers, understanding low-level concepts 4. Python scripting and pwntools 5. A lot of patience Let’s learn. 101 Introduction So we first begin with some easy task, I reckon it is gonna be a buffer overflow, I will explain this in the analysis parts.

Hello guys and welcome to another writeup which features an easy tryhackme box accessible here INTRODUCTION Okay so first things first we obviously try and scan for open ports using nmap We can note down a few things and maybe get an idea of how we would attack the box. We see that the ports: 21(ftp), 22(ssh), 80(http), are open. Well we can use port 22(ssh) for later since we have no credentials.

Hello and welcome to the tryhack me writeup Alice on wonderland. OVERVIEW So we will be trying to get some credentials and log in as a particular user and then try to escalate our priviledges to root and get the flag. With that said lets get to it NMAP SCAN After a quick nmap scan we can see that the port 22 and port 80 are open. WEB ENUMARATION From the previous nmap scan we can see that a web server is hosted on port 80 and we can use the IP to see it

Hello guys and welcome to yet another writeup. This is ye another easy box on tryhackme and is accessible here We shall tackle some awesome topics which include: LFI. Priviledge exploitation. Web exploitation. With that said let us get right to it NMAP scan. As usual we are gonna start of by scanning open ports on our machine. We are able to see that port 80 is open and is hosting a web application.

Hello guys and welcome to another writeup featuring linux priviledge escalation. This is an easy box on tryhackme and you can access it here OVERVIEW Okay quick overview, so we will be trying to bruteforce ssh and get some credentials for the box. I had fun on it and I hope you will to so lets get to it. NMAP SCAN First things first a quick nmap scan to check on the open ports.

Hello guys and welcome to yet another Tryhackme writeup. Today we will be handling a medium room which is accessible here. Well the methodology is quite similar to the Archangel methodology with quite a twist. Let’s begin. ACCESSING THE WEBPAGE So I ran an NMAP scan but that was not so productive, so I went directly into the site. First we see that the site has two buttons which when we click on dog for example, we get a picture of a dog.

Hello guys and today I will share with you some breif points that I was able to come up with on Endpoint security where we will talk about how endpoint security works and the various types of endpoint security solutions. With that said let us get into it. Introduction Endpoints are physical devices that connect to and exchange information with a computer network. Some of these examples include, mobile devices, desktop computers, virtual machines, embedded devices and servers.

Hello and welcome to my first writeup on Hack the box machines. We will be handling an easy machine named Sau. We will use real vulnerabilities that were discovered before and we will also make use of exploits that had been used before. Let’s begin. Enumaration First of all we are going to run a NMAP scan to scan for open ports. From the scan we can see that port 22 is open on which ssh runs.