HackerEnv Target: samba#4 Write Up
Let’s do Samba Machine in this write up. As always, started with nmap to figure open ports nmap -sT -A -p- -T5 10.0.101.2 * 10.0.101.2 is samba IP we got 21 open and running ProFTPD 1.3.5! ProFTPD 1.3.5 is vulnerable, it has mod_copy module which allows remote attackers to read…
Hack This Site! Realistic missions: Basic 2
Level 2 Challenge: Message: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful. Solution: nothing is attracted in the page, so I went to the source code and found update.php and it was a login page
Hack This Site! Realistic missions: Basic 1
Level 1 Challenge: Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list…
Hack This Site! Basic Missions: Basic 11
Level 11 Challenge: Sam decided to make a music site. Unfortunately he does not understand Apache. This mission is a bit harder than the other basics. Solution: Started by using dirb By visiting index.php, an input field is there! visiting the rest of the directories, I got a good start on /e directory I got 1,t,o and the last one was n, I accessed all of these and there was not any protection!
Hack This Site! Basic Missions: Basic 10
Level 10 Challenge: Enter password Please enter a password to gain access to level 10 Solution: All what you have to do is that capture the request and you will notice that “authorization = no” change it to “yes” and you will be authorized!
CyberTalents, Web Challenge: The Restricted Sessions
Flag is restricted to logged users only , can you be one of them. By visiting the website, I got this! So this is a hint that we have to deal with cookies, I visited the source code and I got this great information