The virtual machine used in this room (Blue) can be downloaded for offline usage from https://darkstar7471.com/resources.html[](https://darkstar7471.com/resources.html Recon Nmap ┌──(kali㉿kali)...

Reconnaissance Scan the box; how many ports are open? Use --min-rate for fastest scan on port enumeration only Use -n to not resolve dns to be faster (about 2 second…) ┌──(kali㉿kali)-[~/th...

Recon Nmap ┌──(kali㉿kali)-[~/thm/valleype] └─$ cat valleype.nmap # Nmap 7.94 scan initiated Sun Jun 11 09:58:59 2023 as: nmap -sVC -p- -T4 -vv -oA valleype 10.10.83.16 Increasing send delay for...

Nmap # Nmap 7.93 scan initiated Tue Jun 6 10:26:44 2023 as: nmap -sVC -p- -T4 -oA Post-Exploitation -vv 10.10.125.202 Nmap scan report for 10.10.125.202 Host is up, received conn-refused (0.28s ...

Autorecon ┌──(kali㉿kali)-[~/thm] └─$ sudo $(which autorecon) 10.10.148.99 -v [*] Identified service ssh on tcp/22 on 10.10.148.99 [*] Identified service http on tcp/80 on 10.10.148.99 80 - HackI...

https://crackstation.net/ Hashcat Rules Hash: 279412f945939ba78ce0758d3fd83daa Need to use rules to crack the hash in some cases Hashcat Rules Dir: /usr/share/hashcat/rules/ ┌──(kali㉿kali)-[~/...

https://tryhackme.com/room/basicpentestingjt In these set of tasks you’ll learn the following: brute forcing  hash cracking  service enumeration Linux Enumeration Run autorecon first ...

https://tryhackme.com/room/ohsint What information can you possible get with just one photo? What is this user’s avatar of? ┌──(root㉿kali)-[~/www] └─# exiftool WindowsXP.jpg ExifTool Version ...

MetaTwo is an easy Linux machine that features a website running Wordpress, which is using a plugin vulnerable to unauthenticated SQL injection (CVE-2022-0739). It can be exploited to reveal the pa...

https://tryhackme.com/room/attacktivedirectory Nmap # Nmap 7.93 scan initiated Sun Apr 23 06:31:19 2023 as: nmap -sVC -p- -T4 -Pn -vv -oA attacktive 10.10.80.193 Nmap scan report for 10.10.80.1...

Investigation is a Linux box rated as medium difficulty, which features a web application that provides a service for digital forensic analysis of image files. The server utilizes the ExifTool util...

Busqueda is an Easy Difficulty Linux machine that involves exploiting a command injection vulnerability present in a Python module. By leveraging this vulnerability, we gain user-level access to th...

BroScience is a Medium Difficulty Linux machine that features a web application vulnerable to LFI. Through the ability to read arbitrary files on the target, the attacker gains an insight into how ...

Socket is a Medium Difficulty Linux machine that features reversing a Linux/Windows desktop application to get its source code, from where an SQL injection in its web socket service is discovered. ...

Inject is an Easy Difficulty Linux machine featuring a website with file upload functionality vulnerable to Local File Inclusion (LFI). By exploiting the LFI vulnerability, files on the system can ...