HackTheBox – BabyEncryption Write-up

Hi everyone! Today’s post is one BabyEncryption, a very easy Cryptography challenge on HackTheBox. This challenge was released on 29 May 2021. In this challenge, we will be focusing on decrypting a set of bytes in strings encrypted by modulus. Let’s get started! Files provided chall.py msg.enc Analysis chall.py The chall.py consists of a Python […]

HackTheBox – Bad grades Write-up

Hi everyone! Today’s post is on Bad grades, a HackTheBox easy Pwn challenge. I wouldn’t say it’s completely easy which the number of people who managed to solve it and the rating people gives shows it as well. This challenge is a Return-oriented Programming (ROP) challenge based on double input in scanf(“&lf”). Read on if […]

HackTheBox – Armageddon Write-up

Dear readers, Today’s post is on Armageddon, a GNU/Linux easy machine on HackTheBox. It was created on 28th March 2021. This challenge tests on find CVE vulnerability on a website, pivoting from apache user from web shell to local user by getting information from MySQL using MySQL one-liner, cracking the hash, and privilege escalation through […]

HackTheBox – Writeup Write-up

Hi everyone! Today’s post is on Writeup, an easy HackTheBox GNU/Linux machine. It was released on 9th June 2019. To access the server to get the user flag is fairly simple but to escalate privileges is quite hard for me to find clues until HackTheBox’s discussion forum helped me with some clues. This machine is […]

How to get started with hacking?

Hi everyone! Today’s post is to answer a very commonly asked question by many people on social media or YouTube comments. So if you are one of them who is wondering, I hope these guidelines will help you to get started. Disclaimer: The purpose of this post is to help others get into ethical hacking. […]

HackTheBox – OpenAdmin Write-up

Hi everyone! Today’s post is on OpenAdmin, an easy GNU/Linux machine on HackTheBox. However, many people and I feel that it is more a medium rating machine. OpenAdmin was launched on 5th January 2020. This machine focuses on OpenNetAdmin 18.1.1 CVE to gain access to the server, bad password habit for user account pivoting, file […]

HackTheBox – Hunting Write-up

Hi everyone! Today’s post is on Hunting, an easy Pwn challenge on HackTheBox. It was created on 27th September 2020. This challenge is on creating an Egg Hunter so read on if you are interested. Let’s get started! Files provided There is only 1 file provided which is a 32-bit ELF file: Hunting You may […]

HackTheBox – Phonebook Write-up

Dear readers, Today’s post is Phonebook, a web challenge on HackTheBox. It was created on 31st October 2020. This challenge is on LDAP injection and brute-forcing LDAP login so read on if you are interested! Let’s get started! Files provided There are no files provided for this challenge. Outlook of the website URL of the […]

Simple reverse shell (GNU/Linux version)

Dear readers, Sometimes we may want to spawn a reverse shell from the server we have just pawned especially a Linux web server. It seems trouble to generate a payload from msfvenom. Therefore, here is some easy bash-based reverse shell. Setting up a listening port for incoming TCP connection We can use netcat to listen […]