Dejavu is an easy machine from HackMyVM by the user InfayerTS. The machine includes basic vulnerabilities. First of all, we find a path from a page’s source. Then, we have a file upload area that misses an extension to filter out. Similarly, we also have a directory for the uploads. However, there are restrictions to certain functions making it difficult to get a reverse shell.
“Decode” is an easy machine from HackMyVM by the user avijneyam. This machine requires some common sense to gather information. The enumeration is fairly easy. The enumeration starts by looking at the robots.txt file. We have some hints there about the next vulnerability. Then, we have to find a file that contains the password of one of the users.
Pingme is a new machine from HackMyVM by a friend rpj7. This machine is actually very nice if you try the intended way to get the shell. There is another vulnerability (dirty pipe) in the machine as well (which is… Read More »Pingme Writeup from HackMyVM – Walkthrough
“Blog” is an easy machine from HackMyVM by d4t4s3c. If you have done many machines, this is a piece of cake. If you are new, I definitely suggest you do it on your own. The enumeration starts with enumerating the… Read More »Blog Writeup from HackMyVM – Walkthrough
University is an easy machine from the HackMyVM platform. The author of the machine is SML. The machine’s main exploit is insecure file upload leading to remote code execution. The machine is fairly easy. “Writeup of University from HackMyVM –… Read More »Writeup of University from HackMyVM – Walkthrough
Preload is an easy machine by my friend avijneyam from the HackMyVM platform. There are only two exploits one need to understand to get to theinitial root of the machine. Also, there are error messages in the web app that… Read More »Preload – Writeup – HackMyVM – Walkthrough
Serve is an easy machine from the HackMyVM platform by d4t4s3c. It’s a bit tricky to get the foothold but the remaining steps are pretty easy. Lastly, the machine works on VirtualBox.
Isengard is an easy machine from HackMyVM by bit. It works well on VirtualBox. As for the machine, we can get into the machine by using Remote Command Execution. Similarly, for the root part, we have to abuse the sudo permissions.
Welcome to my writeup of a new machine from HackMyVM. Stagiaire is a hard machine by cromiphi. This is a very good machine and is worth trying. Similarly, it works better on VirtualBox. Also, make sure you change the RAM to 1 GB as the author has 3.5 GB by default for this VM.
Family2 is a very easy machine from HackMyVM. This is quite straightforward and no bruteforcing is required on this machine. As for the machine, it works better on VirtualBox but you might want to reduce the RAM allocation for it.