Posts

Showing posts from 2018

Blacklight: 1 Walkthrough

Image
Lab Environment Attacker’s Machine : Linux kali 4.18.0-kali2-amd64 #1 SMP Debian 4.18.10-2kali1 (2018-10-09) x86_64 GNU/Linux Vulnerable Machine : Blacklight: 1 Let’s start hacking and breach the security of this machine Scanning Phase : Let’s start with knowing our attacking machine’s ip        Syntax used : ifconfig               Results : 192.168.1.6 Now let’s scan our local network to which attacking machine and vulnerable machine is connected.     Syntax used : arp-scan --local     Results : 192.168.1.8 Enumeration Phase : Now using nmap to scan the services running on ports . Syntax used : nmap -p- -A 192.168.1.8 -Pn     Results   : http service is running on port 80 and one port 9072 is open Now browsing the IP in browser to see the webpage running Now fired up dirb to reveal the directories Syntax used : dirb http;//192.168.1.8 Results : got something in robots.txt Now browsing the url of robots.t

Matrix: 1 Walkthrough

Image
Lab Environment Attacker’s Machine : Linux kali 4.18.0-kali2-amd64 #1 SMP Debian 4.18.10-2kali1 (2018-10-09) x86_64 GNU/Linux Vulnerable Machine : Matrix: 1 Let’s start hacking and breach the security of this machine Scanning Phase : Let’s start with knowing our attacking machine’s ip         Syntax used : ifconfig                Results : 192.168.169.136 Now let’s scan our local network to which attacking machine and vulnerable machine is connected.      Syntax used : arp-scan --local Enumeration Phase : Now using nmap to scan the services running on ports . Syntax used : nmap -A 192.168.169.135 -Pn      Results   : http service is running on port 80 and port 31337   Now browsing ip in web browser to see the webpage on port 80 and got nothing useful Now tried to browse with port 31337 and got something in source code . Viewed source code by pressing ctrl+u Results : we got base64 encoded value Value : ZWNobyAiVG