General Active Directory Maschinehttps://app.hackthebox.com/machines/148 Walkthru First of all perform nmap-scan SMB 445 is open, lets check if we can login with anonymous-login Works! Lets login to the directory that we saw Download all files, and check them locally We found some information in the Groups.xml. Lets try to decrypt the hash. Looks like we found …
In this guide we will discover different use-cases of Wireguard-VPN and how to install and setup different configurations on different firewalls and so on. The individual ones will not be published directly, I will update the guide over time. pfSense First we will use Wiregaurd to tunnel into a network behind a pfSense. We start …
Introduction This article is a follow-up to the installation guide for OpenVAS. We will discover the web-gui andfigure out some main functions of the openvas-scanner and how to use them. Running scans with the Task-Wizard When we run the first time a scan, we go to Scans and click on Tasks. Now we can choose …
A few weeks ago I had problems with the connection to the Tryhackme-network with OpenVPN. I searched around the internet and found different solutions. For me worked the following simple solution. Open your OpenVPN-Config for THM and edit the following line: Replace it with: Save and close the file and try to connect. On Windows, …
You can find the training room here. As usual, we ran NMAP and wFuzz to gather as much information as we can about the target. With NMAP we get our first useful information. The target is running two apache servers. One on port 8009 and the other on port 8080. So far so good, the …
On the 30th May of 2022, the security form Volexity identified a Remote Code Execution vulnerability at Atlassian’s Confluence. NIST entry can be found here. In the following, we will explore and use this exploit. The Dev’s of Atlassian has released a advisory for the affected products. You can identify recent attacks on your machine while viewing …
You can find the training room here. At the beginning as usal we try to get as much information as we can from the target. For this we are using NMAP and Fuzz. As result we get some interesting folders and the open ports on the system. Sadly no open FTP but three different ports …
You can find the training room here. As usual first run our basic recon scans Nmap and fuzz to get more information about the target and the services which are running. Great we found an open FTP, SSH and open Apache port, lets see if there is something to find on web address… Hmmm no …
You can find the training room here. We run our basic scans to find open ports and directories on the target. We found a open SSH port (22) and a open port for Apache (80). Sadly the address only shows the default page of the Apache webserver. Fuzz found something more interesting, an content folder, …
Imagin you forgot your root password after a long vacation at work or you are new to a company and need to get care of old systems with no known credentials or documentation of the system. So what do you do? – Reinstall the hole machine would be a solution but all data will be …