Vulnhub – Driftingblues 2 – Walkthrough – Writeup

We will be doing driftingblues2 challenge from vulnhub in this post. Please check this link for the walkthrough of driftingblues 1. Foothold fping nmap We found out that, anonymous ftp is present. Let’s get that file first and see what the image is about. ftp The file is stored in the current directory. The following […]

Vulnhub – Driftingblues 1 – Walkthrough – Writeup

We are going to exploit the driftingblues1 machine of Vulnhub. Our goal is to capture user and root flags. Also, make sure to check out the walkthroughs on the harry potter series. Foothold fping nmap gobuster dir We have secret.html and index.html files. So, we can open them in browsers or use curl for the […]

Vulnhub – Fawkes Walkthrough – Writeup – Harry Potter

In the previous post, we found out three more Horcruxes totalling 5. In this machine, Fawkes, we will be dealing with some difficult challenge like the phoenix bird ‘Fawkes’. Foothold Fping nmap gobuster Visit on 9898 ( netcat It looks as if a program which takes input is hosted on the port. Let’s use netcat […]

Vulnhub – Nagini Walkthrough – writeup – Harry Potter

In the first machine of the Harry Potter series, Aragog, we found out two of the eight Horcruxes. Nagini is the second machine of the series with medium difficulty. However, I found it pretty difficult nonetheless. Let’s begin our journey to find Nagini, the vicious snake. I won’t be explaining all of the steps which […]

Vulnhub – Aragog Walkthrough – Writeup – Harry Potter

Harry Potter is one of the greatest movie and book series for no doubt. On the other hand, the VulnHub series by Mansoor R is one of the best challenges I have done. We can say that the hacking series is based on the original series where we have to identify horcruxes placed by Voldemort […]

Hacking Kioptrix Level 2 (#1.1) – Part 3 – Shell access

In the previous post, we bypassed the login using SQL injection. Now, we want to exploit the feature of the application to open a reverse shell. This can be done in other ways as well. Here, I will be listen on port 4444 in my attacker machine (, since I have installed newer version of […]

Hacking Kioptrix Level 2 (#1.1) – Part 2 – SQL Injection

In the previous post, we tried to identify the possible vulnerabilities of the target machine. In this post, we will be trying to exploit the system. Up to now, we have visited the IP address of the target machine in firefox which gave us two input fields. Now, if we try some random username and […]

Hacking Kioptrix Level 2 (#1.1) – Part 1 – Scanning

We completed the first level of the Kioptrix challenge. Now, we have got to enter the next level of it. So, the link of the Kioptrix Level 2 is,23/. We will find an updated version of Kioptrix Level 2 from the link. For the installation and basic troubleshooting please refer to the previous posts. […]

Hacking Kioptrix Level 1 (#1) – Part 4 – Exploit

In the previous post, we entered the target machine exploiting a vulnerability in mod_ssl. However, we want to find some other vulnerabilities as well. In this post, we are using the Metasploit framework to find the vulnerability and exploit. Also, I will be using the root user to run my commands. Starting the Metasploit framework […]

Hacking Kioptrix Level 1 (#1) – Part 3 – Exploit

In the previous post, we performed some scans using Nmap and noted down the results. Now, in this post, I will make use of other ways with the help of existing information. Therefore, let’s try to hit the webserver of the target by opening the IP address of the target in firefox. We saw […]

Scroll to top

AdBlock Detected

I am sorry for the popup but it costs me money and time to write these posts.
Please disable the adblocker to proceed.
If you are a regular visitor, you can buymeacoffee too. 😉