Latest from the Blog
CyberSecLabs – “Red” Walkthrough
Red is a beginner level box from CyberSecLabs hosting a webserver using a service known as Redis. I’ll show you the Metasploit route to get a shell, and then a manual method to get a shell. After we’ve established our foothold on the box, we’ll enumerate the file system where we’ll exploit a interesting file…
CyberSecLabs – “Imposter” Walkthrough
Imposter from CyberSecLabs is a beginner level Windows box hosting a Wing FTP server. After gaining access to the web admin console, we’ll get a reverse shell as a low privileged user and find a interesting way to escalate our privileges using a module in Meterpreter. Imposter’s IP address is 172.31.1.20. Let’s get started. Scanning…
CyberSecLabs – “Simple” Walkthrough
Simple from CyberSecLabs is a beginner Linux box hosting a CMS Made Simple website. We’ll gain access to the target through a SQLi attack to find creds and then get a reverse shell through the admin web console. Finally we’ll use a binary with the SUID bit set to escalate our privileges to root. Let’s…
CyberSecLabs “Outdated” Walkthrough
Outdated is a beginner level box from CyberSecLabs hosting an NFS share and an outdated version of FTP. After using built-in ProFTP commands to copy files we’ll get our first shell. From there we enumerate the kernel and find an exploit. Outdated’s IP Address is 172.31.1.22. Fire up the VPN, let’s get started. Scanning and…
CyberSecLabs – “CMS” Walkthrough
CMS from CyberSecLabs is a beginner level box hosting a WordPress installation. Using a file inclusion vulnerability we’ll gain access to the target, and exploit weak sudo permissions to escalate to root. Let’s get started. The IP Address for CMS is 172.31.1.8 Scanning and Enumeration As always we run our Nmap scan against the target…
OutRunSec 