CHALLENGE DESCRIPTION Who is lucky enough to be included in the phonebook? In the beginning, we first visit the web page and got a login page :))

CHALLENGE DESCRIPTION Can you exploit this simple mistake? First Start Instance and then you are provided with an web address in the form of <ip>:<port>. Copy it and open it in another tab or browser. In my case it was http://134.209.18.1:30563 Now let’s visit the webpage:

Recently blackhat hackers approached us saying they could takeover and are asking us for a big ransom. Please help us to find what they can takeover. Our website is located at https://futurevera.thm Difficulty = Easy Challenges: Sub-Domain Enumeration, Sub-Domain Takeover. TryHackMe Room Link: https://tryhackme.com/room/takeover The beginning starts the machine and grub the IP…

John was working on his smart home appliances when he noticed weird traffic going across the network. Can you help him figure out what these weird network communications are? Difficulty = Easy Challenges: Network Analyze, IoT Hacking. Beginning start with Rustscan. For scan, we use ‘-a’ flag to specify our target. …

MD2PDF 🚀 TopTierConversions LTD is proud to present its latest product launch. This easy-to-use utility converts markdown files to PDF and is totally secure! Right…? Difficulty = Easy Challenges: PDF, Markdown, SSRF. Beginning we start with Nmap scan. For scan we use ‘-sV’ flag to know about services & versions. …

Nowadays Asus laptops have a preinstalled program called Asus Battery Health Charging. In recent laptops, this feature is integrated into the MyAsus application. Using this feature users can set the charging threshold to 60% when they use it on AC power. A laptop will maintain a 60% charge when connected…

Hi, folks. I wanna talk about CVE-2022–0847. & it's called Dirty pipe vulnerability. This is a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. The vulnerability was discovered by…

VulnNet: Internal is a Easy/Medium level Box. It includes enumerating different services and finding useful information to gain user access. For privilege escalation we have to use port forwarding to access TeamCity service and then we can run commands as root user. TryHackMe Room Link: https://tryhackme.com/room/vulnnetinternal There are four flags that need to be submitted in order to complete the challenge: 1.Service Flag 2.Internal Flag 3.User Flag 4.Root Flag