[HTB] Access Writeup

Enumeration
IP: 10.10.10.98
> nmap -sCV -v 10.10.10.98 -oA nmap/
PORT STATE SERVICE VERSION
21/tcp open ftp Microsoft ftpd
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|Cant get directory listing: PASV failed: 425 Cannot open data connection.
| ftp-syst:
| SYST: Windows_NT
23/tcp open telnet?
80/tcp open http Microsoft IIS httpd 7.5
| http-methods:
| Supported Methods: OPTIONS TRACE GET HEAD POST
|_ Potentially risky methods: TRACE
|_http-title: MegaCorp
|_http-server-header: Microsoft-IIS/7.

[HTB] Sauna Writeup

IP: 10.10.10.175
Enumeration
> nmap -sCV -v 10.10.10.175
PORT STATE SERVICE VERSION
53/tcp open domain Simple DNS Plus
80/tcp open http Microsoft IIS httpd 10.0
| http-methods:
| Supported Methods: OPTIONS TRACE GET HEAD POST
|_ Potentially risky methods: TRACE
|_http-title: Egotistical Bank :: Home
|_http-server-header: Microsoft-IIS/10.0
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2024-04-11 20:19:57Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: EGOTISTICAL-BANK.

[HTB] Active Writeup

Enumeration
IP: 10.10.10.100
> nmap -sCV -v 10.10.10.100
PORT STATE SERVICE VERSION
53/tcp open domain Microsoft DNS 6.1.7601 (1DB15D39) (Windows Server 2008 R2 SP1)
| dns-nsid:
|_ bind.version: Microsoft DNS 6.1.7601 (1DB15D39)
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2024-04-09 07:25:08Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: active.htb, Site: Default-First-Site-Name)
445/tcp open microsoft-ds?
464/tcp open kpasswd5?

[HTB] Forest Writeup

Enumeration
Nmap Scan
> nmap -sCV -v 10.10.10.161
PORT STATE SERVICE VERSION
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2024-04-05 18:32:50Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: htb.local, Site: Default-First-Site-Name)
445/tcp open Eicrosof Windows Server 2016 Standard 14393 microsoft-ds (workgroup: HTB)
464/tcp open kpasswd5?
593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
636/tcp open tcpwrapped
3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: htb.

TCP - Port Scanner

What is TCP?
Transmission Control Protocol (TCP) is one of the core communication protocols used to establish and maintain network connections on the internet and other computer networks. It enables the transfer of data and communication between devices. TCP is connection-oriented, ensuring the orderly and error-free delivery of data packets. TCP works at the transport layer of both the OSI and TCP/IP models. Two protocols exist at the transport layer.

[HTB] Didactic Octo Paddles

This year I participated in Cyber Apocalypse, a CTF organised by Hack The Box, and managed to solve a few web challenges. Here is my writeup for Didactic Octo Paddles, a medium-difficulty web challenge. In this challenge, we are given the luxury of going through the source code of the web application, so it becomes easier to find vulnerabilities in logic errors. Looking at the source code, the web app is written in JavaScript and uses Node.js in the backend.

[THM] mrRobot writeup

This is my writeup for the TryHackMe mrRobot CTF challenge. The CTF is of easy/medium difficulty, but because it involves some enumeration, it was time-consuming. The task didn't involve much outside-the-box thinking and involved copy-pasting some scripts and following instructions on GTFOBins. As always, we are given an IP address and we just have to scan the IP using nmap. In CTFs, there is usually an HTTP endpoint at port 80, and we can focus on the HTTP port while our nmap scan is running in the background.

[HTB] BabyEncryption writeup

This is my writeup for the Baby Encryption challenge on Hack The Box. This challenge was fairly easy and just tested our scripting skill and logical thinking.

Initial analysis
In this cryptography challenge we are provided with two files, namely chall.py and msg.enc. The contents of these files are:

chall.py

import string
from secret import MSG

def encryption(msg):
    ct = []
    for char in msg:
        ct.append((123 * char + 18) % 256)
    return bytes(ct)

ct = encryption(MSG)
f = open('.

[HTB] Phonebook writeup

This is my writeup for the Hack The Box Phonebook web challenge. Initially, finding a way to exploit the website was quite hard, but once we find the vulnerability, the challenge is pretty straightforward and requires just basic bruteforcing. It also tests our scripting skill and, all in all, the challenge is a satisfying one.

Initial Analysis
Visiting the IP address, we are greeted with a login page and some information about a workstation user called Reese.

[HTB] Templated Writeup

This is my writeup for the Hack The Box Templated web challenge. The challenge is fairly straightforward and is an easier challenge.

Initial Analysis
Visiting the IP address provided, we are greeted with a "Site still under construction" page with "powered by Flask/Jinja2" text at the bottom. img: Site still under construction. Upon investigation we discover that Flask is a Python web framework while Jinja2 is the templating engine it uses. Since the name of the challenge also includes "templated", we can be fairly certain that it has something to do with Server Side Template Injection.