HTB: Devel Walkthrugh
General Windows Walkthru We start as usual with our nmap-scan We found FTP with enabled anonymous login, lets use this for us. Download all files from the FTP to our current directoy There are only the FIles from the…
Kategorie Security
HTB: Active Walkthrugh
General Active Directory Walkthru First of all perform nmap-scan SMB 445 is open, lets check if we can login with anonymous-login Works! Lets login to the directory that we saw Download all files, and check them locally We found…
The Wireguard Guide
In this guide we will discover different use-cases of Wireguard-VPN and how to install and setup different configurations on different firewalls and so on. The individual ones will not be published directly, I will update the guide over time. pfSense…
Quickstart Guide – OpenVAS
Introduction This article is a follow-up to the installation guide for OpenVAS. We will discover the web-gui andfigure out some main functions of the openvas-scanner and how to use them. Running scans with the Task-Wizard When we run the first…
THM: Fix OpenVPN connection problem
A few weeks ago I had problems with the connection to the Tryhackme-network with OpenVPN. I searched around the internet and found different solutions. For me worked the following simple solution. Open your OpenVPN-Config for THM and edit the following…
THM: tomghost Walkthrugh
You can find the training room here. As usual, we ran NMAP and wFuzz to gather as much information as we can about the target. With NMAP we get our first useful information. The target is running two apache servers.…
Exploit Confluence – CVE-2022-2613
On the 30th May of 2022, the security form Volexity identified a Remote Code Execution vulnerability at Atlassian’s Confluence. NIST entry can be found here. In the following, we will explore and use this exploit. The Dev’s of Atlassian has released a…
THM: ToolsRus Walkthrugh
You can find the training room here. At the beginning as usal we try to get as much information as we can from the target. For this we are using NMAP and Fuzz. As result we get some interesting folders…
THM: Brooklyn Nine Nine walkthru
You can find the training room here. As usual first run our basic recon scans Nmap and fuzz to get more information about the target and the services which are running. Great we found an open FTP, SSH and open…
THM: LazyAdmin walkthru
You can find the training room here. We run our basic scans to find open ports and directories on the target. We found a open SSH port (22) and a open port for Apache (80). Sadly the address only shows…