Hi all, in this walk-through I will solve the vulnhub machine infovore:1 created by @theart42 & @4nqr34z.

Let’s start with open ports on the machine. The nmap shows only port 80 is open.

Hi All, hope you all are good. This is the walkthrough of the Vulnhub machine “Worst Western Hotel: 1”. 4ndr34z is the creator of the machine. You can download it from here.

This is really a very good machine, It has brute forcing socks proxy, accessing the web app through socks, exploiting the XSS to steal admin session cookies. Grabbing the credentials from one of the images, use these credentials to login into the web app as admin, then exploit it to get RCE. Once you got the shell, you came to know that you are in Docker.ifconfig shows different…

This is a walthrough of another machine “FOG” of the Hacksudo series by Vishal Waghmare. This is really good machine, created by Vishal. If you want to solve it along with me, you can download it from here.

Lots of open ports.Inspect elements helped to show interesting results which helps later. Brute-forcing web directory and page with gobuster shows results which provide cms directory and dict.txt . Text file help to ftp into the box. FTP has file which helps to login to CMS, backdoor in CMS helps to get initial shell. Suid binary to read shadow file. …

Hi all, hope you all are good. This is a walk-through of vulnhub AdmX:1.0.1 machine. It is created by deathflash1411 and you can download it from here.

Found only port 80 open, Wordpress installed on the box. Wpscan enumerate the admin user and also found the valid password for it. Used metasploit to gain reverse shell. User in the box use same password, access user using it. User has sudo rights on Database, can run system command from database console as root user.

As a first step use nmap to find all open ports on the box. Only port 80…

This is the write-up for the vulnhub machine Prime-2. This is created by the Suraj and if you also want to try this machine, you can download in from here.

In this box when you enumerate, you will find 5 open ports. SMB share with anonymous access with READ and WRITE permissions. Wordpress is running on the box. The wp plugin gracemedia-media-player version 1.0 is vulnerable to LFI using this and php script it is possible to get RCE. …

This is the write-up for the boot2root machine of DriftingBlues series. If you want to try it along with me, you can download it from here.

Start the nmap, and scan for all open ports.

Service version detection using nmap.

Hi all!! In this write-up I will walk you through how to get root access on the Vulnhub Harry Potter: Nagini. This is the second machine of the Harry Potter series by the creator Mansoor R. I would really say that to get the initial shell on the box was really difficult for me.

If you also want to try you can download it from this link.

Let’s begin with nmap scan for all open ports. Only couple of ports are open.

Let’s detect the running services and their versions.

Hi, this is a walkthrough of the vulnhub Harry Potter: Argaog. This machine is created by Mansoor R and can be downloaded from vulnhub.

The very first step is to find all the open ports on the target machine. I used nmap to find all open ports.

Only a couple of ports open 22 and 80. Let’s run map again to detect service version of these ports.