Web apps don't always serve the "live" version of every page to save CPU cycles. Some parts of a site, like CSS files, … [Read More...]
Featured Articles
Delivery
Delivery is an easy level box that is beginner friendly with assigned IP of 10.10.10.222. It requires creative thinking … [Read More...]
Persistence on Linux: Tips and Tricks
So you break into a system! You feel the rush and start doing sneaky things. But think about it... How cool would it be … [Read More...]
Editorial Picks
Cryptojacking: a hands-on guide for pentesters
Because attackers continuously devise new schemes for monetizing hacked machines, cryptojacking has emerged as one of … [Read More...]
Linux Commands Cheat Sheet
Linux is the software layer on top of the computer hardware and gives the command. Unlike traditional OS such as Windows … [Read More...]
Understanding Google Dorks and How Hackers Use Them
The idea of using Google as a hacking tool or platform certainly isn't novel, and hackers have been leveraging this … [Read More...]
Latest Blog Updates
Loading...Web Cache Poisoning: Guide to Exploitation
Web apps don't always serve the "live" version of every page to save CPU cycles. Some parts of a site, like CSS files, don't tend to change all that much. So the dev can teach the backend to load these files directly from memory if requested often. This is to prevent slow disk reads. Web cache poisoning occurs when you trick the server into caching a resource containing content supplied by the user and serving that to others, even though it's not how the page should look. Of course, caching hacks are nothing new. Like in 1999, when a DNS cache poisoning attack let hackers deface Hillary Clinton's website. … [Read More...]
Delivery
Delivery is an easy level box that is beginner friendly with assigned IP of 10.10.10.222. It requires creative thinking to solve it. It presents a helpdesk and a Mattermost instance. Creating ticket on helpdesk, mail is received to update the ticket that can be used to create Mattermost account. The Mattermost contains the important conversation disclosing SSH creds. These creds will be used to access the box and then privilege escalation will be done with some cool stuff. nmap scan First run nmap scan with following command nmap -sV -sC -A -T4 -p- -oA nmap_scan 10.10.10.222 Delivery Website Go … [Read More...]
Persistence on Linux: Tips and Tricks
So you break into a system! You feel the rush and start doing sneaky things. But think about it... How cool would it be if you could keep this machine hacked? Then, you could hop back on when you want. Maybe you hacked an internal machine via an SSRF port scan and want to keep your access. The ability to access a machine again and again in the future is called persistence. As a pentester, this is crucial. You can hack a machine one day, and then continue from where you left off the next day. Even if the machine is restarted, you can regain access. Or if the user finds your malware and deletes it, it will … [Read More...]
Command and Control C2: Writing One From Scratch
What do you think of when you hear the term "malware" or think about learning to make it? Perhaps images of hackers and elite exploits dance in your mind's eye. That's what most people think. In reality, the main skill in writing malware is just normal software engineering. In this article, we'll show you how the core infra of a malware attack works. To that end, we'll write a working command and control server using Javascript. More precisely, we're writing a command and control (aka C&C aka C2) server. That's the part of the malware that manages all the infected victims and sends commands to run on … [Read More...]
Port Scanning with SSRF
SSRF stands for Server Side Request Forgery. It means a user can trick the server into making requests for us. We could then use the server as a proxy, or worse, access resources on the server's internal network that are not meant to be publicly accessible. For example, we can initiate requests on the local network to find services running locally that aren't accessible from the global internet. This is a great way to map a target's internal network early in a penetration test. IT admins tend to put up less strong defenses for internal resources. Port scanning with SSRF is a great way to see these less-defended … [Read More...]
Become a Member
