A few weeks ago I had problems with the connection to the Tryhackme-network with OpenVPN. I searched around the internet and found different solutions. For me worked the following simple solution. Open your OpenVPN-Config for THM and edit the following line: Replace it with: Save and close the file and try to connect. On Windows, …
You can find the training room here. As usual, we ran NMAP and wFuzz to gather as much information as we can about the target. With NMAP we get our first useful information. The target is running two apache servers. One on port 8009 and the other on port 8080. So far so good, the …
On the 30th May of 2022, the security form Volexity identified a Remote Code Execution vulnerability at Atlassian’s Confluence. NIST entry can be found here. In the following, we will explore and use this exploit. The Dev’s of Atlassian has released a advisory for the affected products. You can identify recent attacks on your machine while viewing …
A few days ago I ran into an error while setting up a Rasberry Pi for a 4K-TV. The problem was that the video signal aborted after the pi os boot. While searching for a solution I saw that many people are facing this problem. The following are the steps that helped me out. First, …
You can find the training room here. At the beginning as usal we try to get as much information as we can from the target. For this we are using NMAP and Fuzz. As result we get some interesting folders and the open ports on the system. Sadly no open FTP but three different ports …
You can find the training room here. As usual first run our basic recon scans Nmap and fuzz to get more information about the target and the services which are running. Great we found an open FTP, SSH and open Apache port, lets see if there is something to find on web address… Hmmm no …
You can find the training room here. We run our basic scans to find open ports and directories on the target. We found a open SSH port (22) and a open port for Apache (80). Sadly the address only shows the default page of the Apache webserver. Fuzz found something more interesting, an content folder, …
Imagin you forgot your root password after a long vacation at work or you are new to a company and need to get care of old systems with no known credentials or documentation of the system. So what do you do? – Reinstall the hole machine would be a solution but all data will be …
You can find the room here. First of all we run nmap and scan for open ports and services. I also tried a directory scan with gobuster but it cant get a connection to the side, with fuzz all worked fine so I went there forward. When we browse to the .git page we can …
It says follow the white rabbit, so lets go. Looking around the website while checking the sourcecode we found the directory for the pictures. Lets move to this and check if there is something usefull to find. Just some pictures, but this hint’s that there must be some more pages on the website. So we …