Vulnlab Trusted Chain - Writeup
Trusted is an easy chain challenge on VulnLab, created by r0BIT. It features two machines, both running on the Windows platform. The challenge revolves around two Domain Controllers with a bidirectional trust relationship set up. The initial foothold is achieved by exploiting a Local File Inclusion (LFI) vulnerability in an unfinished developer environment, allowing access to the backend database. Within the database, we discover hashed passwords, which we successfully crack. With a compromi...
Vulnlab Forgotten - Writeup
Forgotten – writeup An easy Linux machine on Vulnlab which involves abusing a unfinished installation of a web application, as well as a docker escape leading to a privilege escalation. EnumerationNMAP1./nmapAutomator.sh -H 10.10.78.216 --type Full NMAP automator is a handy script that will prettify the output of the network mapping tool called NMAP. I use nmap-automator for report writing but also run a separate nmap scan. 123456789PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 8...
Creating my own HoneyPot with T-Pot
System RequirementsFor this project, I’ll be using a Virtual Private Server offered by the German cloud provider NetCup. You will learn how to install T-Pot, the all in one HoneyPot in this blog post. My server has the following dimensions which are more than enough to satisfy the system requirements: 123- RAM 8,192MiB (8GB)- 4x CPU Cores of x86 Architecture- 160 GiB Harddrive Setting up our serverFor the OS I choose Debian 12 with code name “Bookworm”. If you’re also using a VPS, I recom...
My Notes
Notes for the Offensive Security Exam.. Enumeration Windows Enum Script Execution 123#bypass powershell default restriction, might alert avpowershell.exe -ep bypasspowershell.exe -noprofile -ep bypass -file .\find.ps1 Usernames and Groups 123456789101112131415#get local users psGet-LocalUser#get local user cmdnet users#get local group psGet-LocalGroupGet-LocalGroupMember "Administrators"#get local group cmdnet localgroupnet localgroup Administrators Enumerate groups and member...
Introduction to this Blog
A little information about myself1234567┌──(bl4ckout㉿kali)-[~/0xbirb.github.io]└─$ whoami 0xbirb - infoSec addict - passionate about security - purple teamer Links GitHub HackTheBox