Posts

Showing posts with the label infosec

OWASP TOP 10 Explained

Hello World! Through this write-up, I’ll try to educate you about OWASP and the OWASP top 10 Vulnerabilities for Web Applications. What is OWASP? OWASP stands for Open Web Application Security Project. What does OWASP do? The Internet has connected almost everything to the online world. From making a call to sending messages, making payments, sharing stories, making groups, creating a thread on any topic, and having opinions from various people across the globe and what not! The Internet has made the world a very small place it seems! Now, when you’re spending so much of your time on the internet, it's obvious that your data goes online wherever you sign up. Being a citizen of the modern world, every person who is connected to the internet must know that their data is their ultimate strength and weakness. If in the wrong hands, your data can be used in a way that you cannot even imagine in the wildest of your dreams! Moreover, the recent data breaches and cyber-attacks...

Helping Rick find his ingredients: PICKLE RICK CTF

Hello Hackers, Today we are going to solve the challenge PICKLE RICK by TRYHACKME. So the story goes like this: Our friend Rick has turned into Pickle [Really don't know how he ended up being a Pickle :P] and our goal is to find him 3 Secret ingredients so that he can go back to his original form. Let's jump into the CTF. First things first: CONNECT TO OPENVPN & DEPLOY THE MACHINE😂 We'll see this page as we put the IP address into our browser. REMEMBER: Whenever you visit a webpage, don't forget to check the source code. Sometimes, developers leave sensitive information such as credentials in the form of comments. You can either do Right-Click --> View page source or press Ctrl+u. You'll see that the username is leaked in the source code of that page! Now let's try to scan the ports and see if we find something interesting. Command used: nmap -sV -A -T5 {ip} You'll see that ports 22 & 80 are open. Wait, can the username be for th...

Defeating RootME

Hello hackers, Recently I started practicing on Tryhackme and came across this easy yet interesting machine named RootME by ReddyyZ. I strongly recommend that beginners try this machine out, as it will clear up several concepts for you, one of them being how to bypass file upload functionality and gain a reverse shell on the target system. Not only that, but you'll also get a basic idea of how privilege escalation works. So without taking up any more of your time, let's jump into the walkthrough. : TASK 1 : Deploying the machine😅 While some of you might think, what madness is this, we already know that!! My dear friend, you're free to skip this port...