Agent T - TryHackMe
Something seems a little off with the server.
Recon
At first, I did an Nmap scan for open ports and services.
nmap -sC -sV -oA nmap/agent 10.10.36.157
There is only one port open with PHP server 5.5.
I checked the website for further enumeration. Wappalyzer identifies that the website is using PHP version 8.1.0.
Exploit
I looked for a PHP 8.1.0 exploit. I found this exploit on Exploit-DB.
After executing the exploit I got a shell. Success!!
Flag
I couldn’t move around that much. I checked the director ...
Crack The Hash - TryHackMe
Cracking hashes challenges
Description →
Level 1
Q1. 48bb6e862e54f2a795ffc4e541caed4d
A. easy
hashcat -m 0 Q1.txt /usr/share/wordlists/rockyou.txt
Q2. CBFDAC6008F9CAB4083784CBD1874F76618D2A97
A. password123
hashcat -m 100 Q2.txt /usr/share/wordlists/rockyou.txt
Q3. 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032
A. letmein
hashcat -m 1400 Q3.txt /usr/share/wordlists/rockyou.txt
Q4. $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom
A. bleh
hashcat -m 3200 Q4 ...
CTF-DumpMe - TryHackMe
One of the SOC analysts took a memory dump from a machine infected with a meterpreter malware. As a Digital Forensicator, your job is to analyze the dump, extract the available indicators of compromise (IOCs) and answer the provided questions.
Prerequisites
Download the zip file. Unzip the file with password → “cyberdefenders.org”
NOTE: For this room I’m going to use Volatility 2.6. I have another writeup for Volatility if you want to check that out.
Challenge Questions
Q1. What is the SHA1 ha ...
Volatility - TryHackMe
Learn how to perform memory forensics with Volatility!
Intro
Volatility is a free memory forensics tool for incident response, developed and maintained by Volatility
Install Volatility
Download executable Volatility
sudo mv volatility_2.6 /opt/
cd /opt/volatility_2.6/
./volatility -h
P.S: I have renamed the executable for efficiency
Obtaining Memory Samples
To analyze we need a memory sample first. Below are some tools that can help to gain a memory sample easily.
FTK Imager
Redline
DumpIt.exe
wi ...
Project: Akane
Introduction
A personal AI made with Python that uses voice recognition to perform actions depending on the user's voice command.
Requirements
The script requires Python 3.X and pip.
You need the following modules installed for Akane
Speech_recognition
Google Text-to-Speech
Playsound
Requests
pip install SpeechRecognition
pip install gTTS
pip install playsound
pip install requests
import speech_recognition as sr
import time
import webbrowser as wb
from gtts import gTTS
import os
import playsound
imp ...
Project: Python Keylogger
Keylogger
Simple keylogger that sends the victim's input via email
Requirements
In the code
Fill sender's Gmail
Fill sender's Gmail password
Fill receiver's Gmail
send_email = ""
recv = ""
password = ""
Make sure that Less Secure App on Gmail is turned on
Project Link
GitHub
Redline - TryHackMe
Introduction
You can install Redline by installing it on your local machine. I am using RDP provided by THM. I’m using Remmina on my Kali machine.
To install Remmina:
sudo apt install remmina
Q1. Who created Redline?
A. FireEye
Data Collection
There are 3 ways of collecting data from Redline.
Standard Collector → This method collects the minimum amount of data for the analysis and is the fastest of the three methods.
Comprehensive Collector → This method collects most data for your system and take ...
Site Launched!
Welcome
Yayyyyyy!! Finally my own website🤓🥳.
I am going to upload
my personal research
cool things I have found
homelab documentation
projects
CTF write ups
Upload Time
My goal is to upload every 2 weeks. Depending on school this might change, but rest assured there is gonna be good content coming.