Enumeration The nmap result tells us the FTP server and web server are open. The version of the web server is IIS 7.5. For the FTP server, it allows anonymous login. Also, we know that there are iisstart.htm and welcome.png files. If we visit the website, we can check these two files. Using the FTP … Read More “Hack the box – Devel writeup” »
Author: Sagahiko
Enumeration Scan the target machine with nmap. The web server and ssh are open. Let’s check the web server first. If we go to the page, we see the image file saying Don’t Bug me! I couldn’t find any useful information on the web page and the source code. There must be something we can … Read More “Hack the box – Shocker (CVE-2014-6271)” »
Enumeration Got the following result from the Nmap scan. I can see web servers are open and the nmap script’s saying changelog.txt is interesting. If we visit the web page, we can see the login page. I tried logging in with the default credentials for pfsense. admin:pfsense However, I failed. Let’s check the changelog.txt file … Read More “Hack the box – machine – Sense” »
Description Figure out how they moved the flag. Solution Download the file. It is a packet file. Open it with wireshark. The log shows it’s looking for mac addresses. And tons of TFTP packets are following. I noticed some files are sent over the TFPT. Let’s check the files. Filter the packets with tftp.type Ok, … Read More “picoCTF2021 – Trivial Flag Transfer Protocol” »
Description Ron just found his own copy of advanced potion making, but its been corrupted by some kind of spell. Help him recover it! Solution Download the file and see the file content. As described, the file is corrupted so we don’t know the file type. In this case, we can check the file signature. … Read More “picoMINI – advanced-potion-making” »