Digital world.local: Vengeance Walkthrough – OSCP Way
Anonhack
by Jo
4M ago
Vengeance is one of the digital world.local series which makes vulnerable boxes closer to OSCP labs. This box has a lot of services and there could be multiple ways to exploit this, Below is what ..read more
Visit website
DC-9 Vulnhub Walkthrough – OSCP way
Anonhack
by Jo
5M ago
Recently, My focus turned more towards OSCP and I am thinking of taking the exam. After reading tons of people’s experience over Reddit, I took some notes on what would be my way of studying ..read more
Visit website
The Binary Exploitation: Stack based Buffer overflow
Anonhack
by Jo
11M ago
This article talks about cracking Level 13 Binary of Cyberstart CTF. The hint that was given for this challenge is “Cyclic Pattern”, which means we need to use pattern finder tool to figure out the length of the buffer and then run the arbitrary function. Let’s crack this: Running the binary gives us this output:… Read More ..read more
Visit website
Empire: LupinOne Walkthrough – Privilege escalation through Python Libs
Anonhack
by Jo
1y ago
This article is a walkthrough for Empire LupinOne vulnerable machine. You can download this from vulnhub. The vulnerable machine is full of fuzzing and escalation of privileges by exploiting Python libraries with SUID being setup. Let’s look into exploiting this: Requirements: 1. Vmware/Virtual Box < This is to run the vulnerable machine. 2. Download LupinOne… Read More ..read more
Visit website
Log4Shell Quick Lab Setup for Testing
Anonhack
by Jo
1y ago
Last month, On December 09 2021, The release of a Remote Code Execution POC over twitter involving exploitation of Apache’s log4j2 logging class took everyone’s peace away. The attack was pretty simple and the fact that it can be easily exploited by anyone is what made this more terrifying. The first edition of this attack… Read More ..read more
Visit website
Pwned Vulnhub Walkthrough
Anonhack
by Jo
1y ago
Pwned vulnhub challenge is an easy boot2root machine. One of the key take away from this machine is how you can escalate your privileges using Dockers. This blog post is about how I exploited this machine and what are the different tools I used to make that happen. Below are the requirements: You can get… Read More ..read more
Visit website
Insecure Code Management – Git
Anonhack
by Jo
1y ago
Insecure code management is when part of the code exposes sensitive information which shouldn’t be exposed to the world. Now it can happen in a lot of situation where the API keys/Passwords are hard-coded and it has been shared mistakenly by the developers. This article will cover the part of Git version control feature and… Read More ..read more
Visit website
Walkthrough for Vulnhub : Pylington
Anonhack
by Jo
1y ago
This article is a walkthrough for Pylington Virtual machine. The machine is based on getting root flag, I did it via bypassing python sandbox environment and privilege escalation by SUID bit. I have worked with VMware throughout this walkthrough. You can run the machines in VirtualBox or any other environment you are comfortable with. Make… Read More ..read more
Visit website
How to setup your own Basic Telemetry Lab with Cisco XR
Anonhack
by Jo
2y ago
In this article, we will be talking about setting up a basic Lab for testing Telemetry on a Cisco NC55XX router. Telemetry – “Tele” means remote, “metry” means metrics or measurements, together this word simply means to collect data/measurements remotely on a server. Telemetry is usually a PUSH model meaning the client will push data… Read More ..read more
Visit website
Ease in Automation: Convert Router Output to Json Format
Anonhack
by Jo
2y ago
In this article we will be talking about converting the output from Cisco XR into a Json File for further utilization or automation. The following code can be used and can be redesigned to work with several other commands and output in other variants of Cisco XE, XR etc., as well as other vendor devices.… Read More ..read more
Visit website

Follow Anonhack on Feedspot

Continue with Google
OR