Trollcave is a vulnerable VM, in the tradition of Vulnhub and infosec wargames in general. You start with a virtual machine which you know nothing about – no usernames, no passwords, just what you can see on the network. In this instance, you’ll see a simple community blogging website with a bunch of users. FromContinue reading “Trollcave 1.2 – walkthrough”
Tag Archives: shell
Zico2:1 – walkthrough
Description from Vulnhub: Zico is trying to build his website but is having some trouble in choosing what CMS to use. After some tries on a few popular ones, he decided to build his own. Was that a good idea? Host discovery As always, I went hunting for the target: IPv Address IPv4 192.168.110.28 IPv6Continue reading “Zico2:1 – walkthrough”
Hackfest 2016 Quaoar – walkthrough
Another week, another CTF under my belt. Been doing a lot of CTF games the past months. This time I took some time off my schedule to play with the hackfest2016: Quaoar game. The difficulty level on this one is pretty low, which suited me fine this time around. It’s nice to have something toContinue reading “Hackfest 2016 Quaoar – walkthrough”
Wallaby’s Nightmare – Walkthrough
This segment of my Vulnhub series covers my walkthrough for the “Wallaby’s Nightmare (v1.0.2)” game. Finding Host and uncover services As always, I began finding the address of the game: Command sudo nmap -sn 192.168.110.0/24 In my case, target got assigned IP address 192.168.110.11. Then moved on uncovering services: Command sudo nmap -p1-65535 -A -T4Continue reading “Wallaby’s Nightmare – Walkthrough”
USV: 2016 (v1.0.1) – Walkthrough
This segment of my Vulnhub series covers my walkthrough for the “USV: 2016 (v1.0.1)” game. There are 7 flags to discover in the form of: Country_name Flag: [md5 hash]. Prephase Finding Host As always I started out finding the address of the CTF game: In my case, the IP was IP 192.168.110.10 Service Scan NextContinue reading “USV: 2016 (v1.0.1) – Walkthrough”
HackDay Albania – Walkthrough
This segment of my Vulnhub series covers a walkthrough for the HackDay Albania CTF game. From the description: “This was used in HackDay Albania’s 2016 CTF. The level is beginner to intermediate. It uses DHCP”. Interesting description that doesn’t hint at anything. This’ll purely be a black box test. Let’s dive in! Test lab environmentContinue reading “HackDay Albania – Walkthrough”
IMF – Walkthrough
This segment of my Vulnhub series covers the walkthrough for the IMF Boot2Root virtual machine. From the description: IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. Difficulty:Continue reading “IMF – Walkthrough”
MR. Robot 1 – CTF Walk-through
Today I am taking a look at Vulnhub VM based on the show Mr. Robot. Coincidentally the name of the VM is MR. Robot 1. The goal is to find three keys hidden in different locations. Throughout the game things are getting progressively more difficult as you hunt down the keys. This game is consideredContinue reading “MR. Robot 1 – CTF Walk-through”
Shell Shock Vulnerability
You’ve probably read the news about the Shell Shock vulnerability this morning. Yup – we got a new one on our hands. A problem newly discovered – but has existed for 22 years. The CVE-2014-6271 summary states: “GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers toContinue reading “Shell Shock Vulnerability”
reedphish 