Month: August 2020

Meetups

For anyone out there that’s looking for a way to expand their knowledge, and learn more about whatever, I encourage you to search for a group that will challenge you!

I have been looking for a group for several years to no avail… until now. I’ve used all of the apps that are supposed to connect you by keywords and interests, and have always been hit by a dead-end. I’ve tried to meet up with groups through various networking that are supposed to hit the interests, but they always fall short.


HTB – Bank – FH: DNS / File Upload

The Bank box was the first time I ran into virtual hosts on a web server. Till now, I’ve been able to discover all of the directories with a simple dirb or gobuster scan… this time was very different.

The Nmap scan showed only a few ports open: 22, 53, and 80. I always bypass 22 because there are rarely SSH exploits that go quick, so it was on to the other two ports. Interestingly, they had DNS running on port 53 and the description was ISC BIND. BIND is the Berkeley Internet Name Domain, and ISC BIND can run in a large number of Linux environments. In this case, it was used to map to folders that didn’t show on an IP address scan of the machine.


Status Report 20210801

So it’s been a couple months now, and I’m feeling great about everything that I’ve accomplished. I started out just going after every challenge that I could find, and mostly, I was able to accomplish success.

Shortly into my journey, I realized that I would have much better success with my learning if I were to separate tasks. I have been at the learning game for my entire life, always seeking more knowledge on everything that I do; and I’ve learned a few things about how learning can be best accomplished.

For the task of learning more about hacking, it would be the easy button to go ahead and pwn each box from start to finish. Do the scans, find the foot-hold, get in, then privilege escalate based on some further enumeration. That, however, is not the right answer if you want to get the maximum amount of learning out of each task! Therefore, I separated my learning into compartments that will yield a much greater result.


HTB – Haircut – FH: Curl

The only ports available on the Haircut box were 22 and 80. As SSH usually reveals no interesting attack vectors, it’s always best to go for port 80. So I visited the site.
