picoCTF 2022 Write-up (Web Exploitation)

Hi everyone! This post is a write-up of the web exploitation challenges in picoCTF 2022, which was held from 16th March 2022 to 30th Mar 2022. It covers the basics of analyzing client source code, path traversal, robots.txt, modifying cookies, directory fuzzing, and SQL injection. Let’s get started! 1. Includes Below shows the main page of the […]

picoCTF 2022 Write-up (Binary Exploitation)

Hi everyone! This post is a write-up of the binary exploitation challenges in picoCTF 2022, which was held from 16th March 2022 to 30th Mar 2022. In this CTF, there are buffer overflow, on-stack shellcode execution, format string attack, function overwrite, C programming array out-of-bounds (OOB) arbitrary write, stack cache, and vulnerable string check. Let’s […]

HackTheBox – Previse Write-up

Hi everyone! Today’s post is on Previse, an easy HackTheBox Linux machine. This machine was released on 8 August 2021. In this machine, a URL redirect (status 302) is exploited to leak the actual web page without logging in, exploiting unsanitized POST data run on the server by PHP’s exec(), extracting user password from one-liner MySQL […]

SANS Holiday Hack Challenge 2021

Hi everyone! This is a write-up on the recent SANS Holiday Hack Challenge CTF. I hope they will be helpful to you. It is my first time trying out SANS Holiday Hack challenge as they host it yearly. If you haven’t tried it out, the main goal of this CTF is to learn. Hence there […]

HackTheBox – BountyHunter Write-up

Hi everyone! Today’s post is on BountyHunter, an easy GNU/Linux HackTheBox machine. This machine was released on 25 July 2021. This machine requires XML External Entities (XXE) with base64 + URL encoding of the whole XML, base64 filtering to leak file contents. Finally, a custom exploit is needed to exploit an eval() vulnerability in a […]

HackTheBox – Cap Write-up

Dear readers, today’s post is on Cap, an easy GNU/Linux machine on HackTheBox. It was created on 6th June 2021. It is a fairly easy machine to get user access to the server but quite hard to escalate privilege (PE) as the method to do it is very uncommon. This challenge is on understanding the […]

HackTheBox – Racecar Write-up

Hi everyone! Today’s writeup is on Racecar, a very easy pwn (binary exploitation) challenge on HackTheBox. This challenge is on a format string attack. Let’s get started! Files Given file: racecar (ELF file) Scripts/database made by me: leakflag.py IDA database Tools required Linux Netcat Ghidra IDA (Freeware/Education/Pro) Python3 Pwntools Outlook There are many paths to choose […]

Simple path hijacking (Unix/Unix-like)

Hi everyone! Today’s post is on path injection. Let’s get started. Identifying path injection vulnerability There are many ways that may lead to a path injection vulnerability. However, this post will only focus on path injection vulnerabilities in bash scripts. A path injection vulnerability usually occurs if root users do not specify the full path of the […]

Useful tech links

Hi everyone! Here is a compilation of all the useful links. This post will continue to be updated so stay tuned! Access SQL server Sqsh access MS SQL server (Linux) Active Directory Attackive Directory Walkthrough (TryHackMe) HackTheBox – Forest Write-up HackTheBox – Resolute Write-up Binary files (Static) Static binaries by Andrew-d Encoding x64 alphanumeric shellcode […]