Wifinetic is an easy difficulty Linux machine which presents an intriguing network challenge, focusing on wireless security and network monitoring. An exposed FTP service has anonymous authenticati...

Intro Only played a little for this my_first_pwnie Info You must be this 👉 high to ride. Author: ElykDeer Connect with: nc intro.csaw.io 31137 Solve ┌──(bravosec㉿fsociety)-[/media/sf...

Recon Nmap # Nmap 7.94 scan initiated Sat Sep 16 20:47:16 2023 as: nmap -sVC -T4 -Pn -vv -oA ./nmap/full_tcp_scan -p 22,80 10.10.88.25 Nmap scan report for 10.10.88.25 Host is up, received user...

Summary Certificate Statistic Challenges Web Pick Your Starter Info Picking a starter is hard, I hope you can do it. Flag format: PCTF{} Author: @angr404 http://chal...

CozyHosting is an easy-difficulty Linux machine that features a Spring Boot application. The application has the Actuator endpoint enabled. Enumerating the endpoint leads to the discovery of a user...

Zipping is a medium-difficulty Linux machine that features a variety of attack vectors. This machine starts off by identifying a file upload capability within the web application that is vulnerable...

Summary Certificate Statistics My Solves Osint Excellent Vista! Info What a nice spot to stop,lookout and watch time go by, EXAMINE the image and discover where this was taken. NOTE...

https://tryhackme.com/room/lessonlearned Info This is a relatively easy machine that tries to teach you a lesson, but perhaps you’ve already learned the lesson? Let’s find out. Treat this box a...

Recon ┌──(bravosec㉿fsociety)-[~/thm/overpass] └─$ writehosts thm '10.10.37.163 overpass.thm' +---------+--------+--------------+--------------+ | PROFILE | STATUS | IP | DOMAIN | ...

Recon Scripts 5 ports ┌──(bravosec㉿fsociety)-[~/thm/dunkinvuln] └─$ tcpall 10.10.247.184 [+] Running command: sudo nmap -p- --min-rate 10000 -Pn -vv -oA ./nmap/all_tcp_ports --open 10.10.24...

Keeper is an easy-difficulty Linux machine that features a support ticketing system that uses default credentials. Enumerating the service, we are able to see clear text credentials that lead to SS...

unreadable Info There’s an unreadable file….. HINT: Case Sensitive, There’s no space next to ‘{‘ and ‘}’ The use of punctuation marks follows grammar rules. Solve ┌──(br...

Recon ┌──(bravosec㉿fsociety)-[~/thm/Red] └─$ writehosts thm '10.10.136.223 red.thm' +---------+--------+---------------+---------+ | PROFILE | STATUS | IP | DOMAIN | +---------+------...

Delivery is an easy difficulty Linux machine that features the support ticketing system osTicket where it is possible by using a technique called TicketTrick, a non-authenticated user to be granted...

Traverxec is an easy Linux machine that features a Nostromo Web Server, which is vulnerable to Remote Code Execution (RCE). The Web server configuration files lead us to SSH credentials, which allo...