Trollcave 1.2 – walkthrough

Trollcave is a vulnerable VM, in the tradition of Vulnhub and infosec wargames in general. You start with a virtual machine which you know nothing about – no usernames, no passwords, just what you can see on the network. In this instance, you’ll see a simple community blogging website with a bunch of users. From […]

Read More Trollcave 1.2 – walkthrough

Zico2:1 – walkthrough

Description from Vulnhub: Zico is trying to build his website but is having some trouble in choosing what CMS to use. After some tries on a few popular ones, he decided to build his own. Was that a good idea? Host discovery As always, I went hunting for the target: IPv Address IPv4 192.168.110.28 IPv6 […]

Read More Zico2:1 – walkthrough

Wallaby’s Nightmare – Walkthrough

This segment of my Vulnhub series covers my walkthrough for the “Wallaby’s Nightmare (v1.0.2)” game. Finding Host and uncover services As always, I began finding the address of the game: Command sudo nmap -sn 192.168.110.0/24 In my case, target got assigned IP address 192.168.110.11. Then moved on uncovering services: Command sudo nmap -p1-65535 -A -T4 […]

Read More Wallaby’s Nightmare – Walkthrough

USV: 2016 (v1.0.1) – Walkthrough

This segment of my Vulnhub series covers my walkthrough for the “USV: 2016 (v1.0.1)” game. There are 7 flags to discover in the form of: Country_name Flag: [md5 hash]. Prephase Finding Host As always I started out finding the address of the CTF game: In my case, the IP was IP 192.168.110.10 Service Scan Next […]

Read More USV: 2016 (v1.0.1) – Walkthrough

HackDay Albania – Walkthrough

This segment of my Vulnhub series covers a walkthrough for the HackDay Albania CTF game. From the description: “This was used in HackDay Albania’s 2016 CTF. The level is beginner to intermediate. It uses DHCP”. Interesting description that doesn’t hint at anything. This’ll purely be a black box test. Let’s dive in! Test lab environment […]

Read More HackDay Albania – Walkthrough

IMF – Walkthrough

This segment of my Vulnhub series covers the walkthrough for the IMF Boot2Root virtual machine. From the description: IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. Difficulty: […]

Read More IMF – Walkthrough

MR. Robot 1 – CTF Walk-through

Today I am taking a look at Vulnhub VM based on the show Mr. Robot. Coincidentally the name of the VM is MR. Robot 1. The goal is to find three keys hidden in different locations. Throughout the game things are getting progressively more difficult as you hunt down the keys. This game is considered […]

Read More MR. Robot 1 – CTF Walk-through

Shell Shock Vulnerability

You’ve probably read the news about the Shell Shock vulnerability this morning. Yup – we got a new one on our hands. A problem newly discovered – but has existed for 22 years. The CVE-2014-6271 summary states: “GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to […]

Read More Shell Shock Vulnerability