Sign in

Hello everyone,

It’s been a long! I back this time to write about my experience in eCIR certifications from elearnSecurity.

Exam:

Let’s know about the exam to know how to prepare for it. You will be given two scenarios. The first one is Splunk and the second is Kibana & pcap file.

There are going to show you the topology and tell you which server is compromised. So you have to figure out how that server got compromised and what happened next. Basically, you need to check everything to draw a mind map for you. …


Let’s do Oldschool Machine in this write up.

As always, started with nmap to figure open ports

nmap 10.0.100.1

As simple as that, only port 80 is opened, sol let’s visit it


Let’s do Drop Machine in this write up.

As always, started with nmap to figure open ports

nmap -A 10.0.100.2

By visiting the open port, I got this page


Let’s do Samba Machine in this write up.

As always, started with nmap to figure open ports

nmap -sT -A -p- -T5 10.0.101.2

* 10.0.101.2 is samba IP

we got 21 open and running ProFTPD 1.3.5!

ProFTPD 1.3.5 is vulnerable, it has mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. Any unauthenticated client can leverage these commands to copy files from any part of the filesystem to a chosen destination.

Let’s take advantage of this vulnerability, I started by initiating a FTP connection and press enter when…


And I back with a new beautiful platform.

Let’s do Twig Machine in this write up.

As always, started by nmap

nmap -sT -sT -A -p- -T5 10.0.101.1

We only got one opened port! let’s explore that and dig into it


Level 1

Challenge:

Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident… but this ass hole still insists that the bet is on!

I know you’re good with computers and stuff, so I was wondering, is there any way…

Nouf

PenTester & Challenges Solver

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store