Vulnlab Trusted Chain - Writeup
Trusted is an easy chain challenge on VulnLab, created by r0BIT. It features two machines, both running on the Windows platform. The challenge revolves around two Domain Controllers with a bidirectional trust relationship set up. The initial foothold is achieved by exploiting a Local File Inclusion (LFI) vulnerability in an unfinished developer environment, allowing access to the backend database. Within the database, we discover hashed passwords, which we successfully crack. With a...
Vulnlab Forgotten - Writeup
Forgotten – writeup A easy Linux machine on Vulnlab which involves abusing a unfinished installation of a web application, as well as a docker escape leading to a privilege escalation. EnumerationNMAP1./nmapAutomator.sh -H 10.10.78.216 --type Full NMAP automator is a handy script that will prettify the output of the network mapping tool called NMAP. I use nmap-automator for report writing but also run a separate nmap scan. 123456789PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH...
Creating my own HoneyPot with T-Pot
System RequirmentsFor this project, i’ll be using a Virtual Private Server offered by the German cloud provider NetCup. You will learn how to install T-Pot, the all in one HoneyPot in this blog post. My server has the following dimensions which are more than enough to satisfy the system requirments: - RAM 8,192MiB (8GB) - 4x CPU Cores of x86 Architecture - 160 GiB Harddrive Setting up our serverFor the OS I choose Debian 12 with code name “Bookworm”. If you’re also using a VPS, I...
My Notes
Notes for the Offensive Security Exam.. Enumeration Windows Enum Script Execution 123#bypass powershell default restriction, might alert avpowershell.exe -ep bypasspowershell.exe -noprofile -ep bypass -file .\find.ps1 Usernames and Groups 123456789101112131415#get local users psGet-LocalUser#get local user cmdnet users#get local group psGet-LocalGroupGet-LocalGroupMember "Administrators"#get local group cmdnet localgroupnet localgroup Administrators Enumerate groups and...
Introduction to this Blog
A few information about myself1234567┌──(bl4ckout㉿kali)-[~/0xbirb.github.io]└─$ whoami 0xbirb - infoSec addict - passionate about security - purple teamer Links GitHub HackTheBox