Recon Nmap # Nmap 7.94 scan initiated Sat Sep 16 20:47:16 2023 as: nmap -sVC -T4 -Pn -vv -oA ./nmap/full_tcp_scan -p 22,80 10.10.88.25 Nmap scan report for 10.10.88.25 Host is up, received user...

Summary Certificate Statistic Challenges Web Pick Your Starter Info Picking a starter is hard, I hope you can do it. Flag format: PCTF{} Author: @angr404 http://chal...

CozyHosting is an easy-difficulty Linux machine that features a Spring Boot application. The application has the Actuator endpoint enabled. Enumerating the endpoint leads to the discovery of a user...

Zipping is a medium-difficulty Linux machine that features a variety of attack vectors. This machine starts off by identifying a file upload capability within the web application that is vulnerable...

Summary Certificate Statistics My Solves Osint Excellent Vista! Info What a nice spot to stop,lookout and watch time go by, EXAMINE the image and discover where this was taken. NOTE...

https://tryhackme.com/room/lessonlearned Info This is a relatively easy machine that tries to teach you a lesson, but perhaps you’ve already learned the lesson? Let’s find out. Treat this box a...

Recon ┌──(bravosec㉿fsociety)-[~/thm/overpass] └─$ writehosts thm '10.10.37.163 overpass.thm' +---------+--------+--------------+--------------+ | PROFILE | STATUS | IP | DOMAIN | ...

Recon Scripts 5 ports ┌──(bravosec㉿fsociety)-[~/thm/dunkinvuln] └─$ tcpall 10.10.247.184 [+] Running command: sudo nmap -p- --min-rate 10000 -Pn -vv -oA ./nmap/all_tcp_ports --open 10.10.24...

Keeper is an easy-difficulty Linux machine that features a support ticketing system that uses default credentials. Enumerating the service, we are able to see clear text credentials that lead to SS...

unreadable Info There’s an unreadable file….. HINT: Case Sensitive, There’s no space next to ‘{‘ and ‘}’ The use of punctuation marks follows grammar rules. Solve ┌──(br...

Recon ┌──(bravosec㉿fsociety)-[~/thm/Red] └─$ writehosts thm '10.10.136.223 red.thm' +---------+--------+---------------+---------+ | PROFILE | STATUS | IP | DOMAIN | +---------+------...

Delivery is an easy difficulty Linux machine that features the support ticketing system osTicket where it is possible by using a technique called TicketTrick, a non-authenticated user to be granted...

Traverxec is an easy Linux machine that features a Nostromo Web Server, which is vulnerable to Remote Code Execution (RCE). The Web server configuration files lead us to SSH credentials, which allo...

Recon Add to hosts writehosts thm '10.10.250.142 anonymous.thm' CrackMapExec ┌──(bravosec㉿fsociety)-[~/thm/Anonymous] └─$ cme smb anonymous.thm -u '' -p '' SMB anonymous.thm 445 ...

Spoiler Alert : This machine with crash if dir busting too much Recon Nmap # Nmap 7.94 scan initiated Wed Jul 26 05:45:51 2023 as: nmap -sVC -p- -T4 -Pn -vv -oA blog 10.10.71.153 Nmap scan re...