Tag: security

  • Medusa from HackMyVM Writeup – Walkthrough

    Medusa from HackMyVM Writeup – Walkthrough

    Medusa is a lengthy machine from the platform HackMyVM despite being easy. The machine’s author is noname and I must pay respect to him for putting effort into this machine. The VM includes many fuzzing techniques for subdomain enumeration and directory enumeration. Likewise, it also asks us to brute-force hashes to get passwords. “Medusa from…

  • Walkthrough of Kitty from HackMyVM Writeup

    Walkthrough of Kitty from HackMyVM Writeup

    Kitty is a hard machine to root by avijneyam from the platform HackMyVM. The machine’s theme is cats as suggested by the name of the VM. To begin with, this machine needs some host enumeration, cracking passwords, cracking JWT exploits, utilizing various other exploits, etc. Also, I would like you guys to give it a…

  • Arroutada Writeup from HackMyVM – Walkthrough

    Arroutada Writeup from HackMyVM – Walkthrough

    Arroutada is a medium-difficulty machine by RiJaba1 from the HackMyVM platform. Although the author has marked this machine as easy, I don’t consider it that easy since it involves a lot of steps. To elaborate, it features various techniques like fuzzing, bruteforcing, proxying ports, remote command execution, etc. Anyway, the machine isn’t complex to crack…

  • Ephemeral Walkthrough from HackMyVM – Writeup

    Ephemeral Walkthrough from HackMyVM – Writeup

    Ephemeral is a difficult machine involving various tricks and techniques to get to the root shell. However, it took some time for me as one of the exploits wasn’t working. So, I had to modify the script to make it work. The machine features local file inclusions, remote command execution using LFI and phpinfo script,…

  • Moosage Writeup from HackMyVM – Walkthrough

    Moosage Writeup from HackMyVM – Walkthrough

    Moosage is an easy machine by sml from the platform HackMyVM. The machine features an insecure file upload vulnerability in a blog application. Then, we need to identify a little trick to get a reverse shell as root. The machine is easy but difficult at the same time. “Moosage Writeup from HackMyVM – Walkthrough” Click…

  • Writeup – Eighty – HackMyVM – Walkthrough

    Writeup – Eighty – HackMyVM – Walkthrough

    Eighty is a difficult machine from sML on the platform HackMyVM. This machine uses various techniques like knocking the ports out, analyzing the webserver and exploiting superuser permission. However, you can also say that the machine is relatively easy since everything is ahead of you. Furthermore, an experienced hacker can easily lay out the route…

  • Catland walkthrough from HackMyVM – Writeup

    Catland walkthrough from HackMyVM – Writeup

    HackMyVM has added a new medium-difficulty machine “Catland” by cromiphi. This machine features subdomain enumeration, local file inclusion, insecure file permissions and sudo abuse. However, for the domain name, you need to take the help of the VM box. “Catland walkthrough from HackMyVM – Writeup” Click here to go to the download page of Catland…

  • HackMyVM Light Writeup – Walkthrough

    HackMyVM Light Writeup – Walkthrough

    Light is an easy machine from the platform HackMyVM by sML. This machine requires knowledge of basic Linux and penetration testing. It could be really easy for those who have experience in penetration testing but could be different for newcomers. “HackMyVM Light Writeup – Walkthrough” Click here to go to the machine’s download page. Get…

  • Troya Walkthrough From HackMyVM – Writeup

    Troya Walkthrough From HackMyVM – Writeup

    By far, Troya is one of my favourite VMs from the HackMyVM platform. The creator of the machines is sML and he has categorized this as a medium machine. However, I found this machine intriguing and was definitely hard for me. First of all, we need to identify a way to inject OS commands remotely.…

  • Hannah Walkthrough From HackMyVM – Writeup

    Hannah Walkthrough From HackMyVM – Writeup

    The first machine on the platform HackMyVM is a very easy machine authored by the user smL. This machine simply features basic enumeration and bruteforcing. Once we get the password of a user, we can log into the system. Then, we need to abuse the writable path vulnerability in the system. Once we do that,…