Enumeration Port Scanning We start off with a full TCP port scan to identify any exposed services. The scan shows two open ports, 22 (ssh) and 80 (http). Web Enumeration Visiting the target i...

Here is a basic map of my current home lab graph LR A["Internet"] -->|"WAN 192.168.1.106/24"| B["pfSense Router"] B -->|"WAN 192.168.1.106/24"| C["WAN"] B -->|"LAN 10.0.0.1/2...

Phreaky is a medium web challenge that was part of the HTB 2024 CyberApocalypse CTF. Challenge Hint: In the shadowed realm where the Phreaks hold sway, A mole lurks within, leading them astray. ...

LockTalk is a medium web challenge that was part of the HTB 2024 CyberApocalypse CTF. Challenge hint: In “The Ransomware Dystopia,” LockTalk emerges as a beacon of resistance against the rampant...

Sau is an easy Linux machine from Hack the Box. Here is the tldr; nmap shows ports 22 and 55555 are open and port 80 is filtered. Port 55555 is running a version of request-baskets that...

Inject is an easy Linux machine from Hack the Box. Here is the tldr; There is a website running on port 8080 with a page for uploading images. There is a local file disclosure vulnerability...

MetaTwo is an easy Linux machine from Hack the Box. Here is the tldr; There is a WordPress site with a vulnerable plugin called BookingPress that we can take advantage of to get a password ...

Writeup is an easy Linux machine from Hack the Box. Here is the tldr; There is a DoS protection service blocking most of our automated recon tools, but in robots.txt we find one entry for ...