Posts

Showing posts from November, 2018

Hackthis.co.uk : Main level 3

Image
Note  :  You need to understand a logic in code. Beginning with this challenge . After the welcome page of challenge 3 I viewed the source code of page by ctrl+u Highlighted line of code is using if : else condition i.e if username = heaven and password = hell else alert incorrect login. Explanation : if username = heaven , password = hell it will authenticate otherwise not . So providing username as heaven and password as hell Completed successfully
Read more

Hackthis.co.uk : Main level 2

Image
Let’s do this one more easy level . Let’s get started I first opened the source code but found nothing so i selected all the webpage with ctrl+a And got the details . Username : resu Password : ssap And tried to login with the creds and yeah completed the challenge
Read more

Hackthis.co.uk : Main level 1

Image
It's damn easy !! Prompted with challenge 1 There’s a warning saying you don’t have to enter your credentials so it means there is a twist .. I just viewed the source code by ctrl+u and searched for username by ctrl+f(helps in finding our desired word) Now got the username as in and password as out . Tried to enter the same creds And yeah challenge completed with an ease !
Read more

HTB JERRY Walkthrough

Image
HackTheBox Jerry Walkthrough Starting with knowing our IP (after connecting to the openvpn of HTB) Command to know our IP - ifconfig Now lets see what is the IP of the machine we are targeting (By just clicking the name of the machine in htb) . i am targeting machine named JERRY . IP(10.10.10.95) Scanning Phase nmap -A 10.10.10.95 -Pn A - denotes aggressive scan Pn - used for ping sweep Nmap revealed http service active on port 8080 and also revealed tomcat So i browsed IP on the web browser to see the web page (because http service is active ) Url - 10.10.10.95:8080 (Have to mention port because by default http service runs on 80 but in this case it’s 8080 so have to mention that) Now fired up dirb to find the directories if any Command : dirb http://10.10.10.95:8080 Results are shown below One by one i managed to open the links but found nothing and at last i opened up the link i.e http://10.10.10.95:8080/manager Prompted up wi
Read more