Windows Scripting Host (WSH) A sample payload Set shell = WScript.CreateObject("Wscript.Shell") shell.Run("C:\Windows\System32\calc.exe " & WScript.ScriptFullName),0,True To r...

Source https://tryhackme.com/room/redteamrecon whois A WHOIS server listens on TCP port 43 for incomming requests. The domain registrar is responsible for maintaining the WHOIS records fo...

Command Description hydra -P password-file.txt -v $ip snmp Hydra brute force against SNMP hydra -t 1 -30 admin -P /usr/share/wordlis...

Introduction This CTF was 24 hours on May 6th and May 7th. Pretty basic stuff but I only did web exploitation and the others are too CTF specific and just puzzle so I didn’t bother. ...

I promise I will post things. I am grinding through CTFs and having a full-time 5th year CS student workload :( In the meantime you can check on my latest notes at https://github....

INE Blackbox 3 Our machine: 192.246.198.2 Enumeration 1: Target: server1.ine.local = 192.246.198.3 Nmap: nmap -sT -P0 192.246.198.3 —> Port 80 opens. Go to the...

INE Blackbox 2 Enumeration 1: Target: online-calc.com Running nmap -sS -Pn -v online-calc.com: 80/tcp open http 5000/tcp open upnp 8000/tcp open http-alt If ...

INE Blackbox 1 Enumeration 1 Target: demo.ine.local (call this demo1) Our machine’s eth1: 192.141.206.2 ping demo.ine.local —> 192.141.206.3 Our target is...

Enumeration nmap Port 80 and 22 open gobuster No stand out dirs. OWASP ZAP Path traversal detected but I think this is false positive. Manual enumeration: ...

IP: 10.10.219.9 Enumeration nmap nmap reveals 4993 open ports with 7 jetdirect? ports and the rest being Dropbear ssh ports… Ranging from 22 to 13999. Seems like no h...