Windy's little blog

一切生活中的杂七杂八, and I like CTF.

HackMyVm Talk Walkthrough

Easy one, can be download here.Following is a very simple walkthrough.Scan ports, find 22 and 80. Open Port 80, a chat service.Username has sql injection. So  burpsuite capture the post data, and use sqlmap to dump databases.(User temp is regist

HackMyVm Orasi Walkthrough(SSTI, ELF analysis, APK analysis)

Machine can be download here.Nmap scan ports, 4 ports open.Anonymous login ftp, get a file named "url".Download "url", check filetype, a ELF file.Use "strings" cmd to check useful strings, get nothing but a hint.Check th

HackMyVm Gigachad Walkthrough

Happy Chinese New Year for all CTFers!Machines can be download here.Nmap scan ports.Login ftp as anonymous, get a file.Check file type, it's a zip. Unzip it, get a usrname "chad", and an png file.Check the image, a beautiful building.Fo

HackMyVm Hash Walkthrough(php magic hashes, .Xauthority)

Very interesting machine from HackMyVm, can be download here.Nmap scan ports.Check source code of index.html.Add ".bak" to the extension and scan files of port 80.Download check.bak and check source code.<?php // Login part.

HackMyVm Emma Walkthrough

Machine can be download here.Nmap scan ports.Scan folders and files at port 80.Check robots.txt.Check php version.Google find CVE exploit.Use pwn code from https://github.com/neex/phuip-fpizdam.Get reverse shell.Check ports.Login mysql as user root&n

HackMyVm CelebritySoup Walkthrough

Machine can be download here.nmap -p- -sC -sV --open -oN ports.log 192.168.56.57gobuster dir -u http://192.168.56.57 -t 50 -x .php,.html,.txt -w /usr/share/dirbuster/word

HackMyVm Brain Walkthrough (LFI)

Machine can be download here.Nmap scan ports.Brutefoce port 80.Go on bruteforce in /brainstorm.wfuzz -w /usr/share/wfuzz/wordlist/general/common.txt --hh 0  'http://192.168.56.54/brainstorm/file.php?FUZZ=/etc/passwd&

HackMyVm Insomnia Walkthrough (RCE)

Machines can be download here.Nmap scan ports.Gobuster scan files and folders.Visit main page, get chat window.Visit chat.txt, chat history is here.Visit administration.php, get error.There should be some parameter for administration.php.wfuzz -

HackMyVm Neobank Walkthrough (python requests, google authentication)

Medium level, machine can be download here.Nmap scan ports, only 5000 is open.Gobuster scan folders and files with medium dic.gobuster dir -u http://192.168.56.48:5000 -t 50 -x .php,.html,.txt -w /usr/shar

HackMyVm Locker Walkthrough (privilege escalation through sulogin)

Machines can be download here. Easy but also interesting one.Nmap scan ports, only 80 is open.Open main page, very simple.Check source code, found locker.php.Click "Model 1", then redirect to locker.php and display a picture.Obviously, the
<< < 2 3 4 5 6 7 8 9 10 11 > >>

Powered By Z-BlogPHP 1.7.0