HackTheBox: Luke

The first step, as always, is to Nmap the host to identify running services: Nmap scan report for 10.10.10.137 Host is up (0.042s latency). Not shown: 65464 closed ports, 66 filtered ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3+ (ext.1) | ftp-anon: Anonymous FTP login allowed (FTP code 230) |_drwxr-xr-x 2 0 0…

HackTheBox: Bastion

The first step is to Nmap the machine to find which services are running: root@kali://root/Documents/bastion# cat scan # Nmap 7.70 scan initiated Wed Aug 7 10:36:31 2019 as: nmap -A -oN scan -p- 10.10.10.134 Nmap scan report for 10.10.10.134 Host is up (0.032s latency). Not shown: 65522 closed ports PORT STATE SERVICE VERSION 22/tcp open…

HackTheBox: Netmon

This is the second machine I have completed on HackTheBox. I started with the Access machine. The write-up for that can be found HERE. So the first step is to perform an Nmap scan to see what kind of services the machine is running: What sticks out the most in the results of this scan…

HackTheBox: Access

I should preface this by saying that this machine took me about 6 hours to complete overall. I went down a couple of rabbit holes I didn’t need to go down and the final solution was much simpler than I thought. My first step, which is almost always the case when starting out on a…

HackTheBox Invite Code

The following is a writeup on the process used to get the invite code for HackTheBox. HackTheBox is a great website which contains pentesting labs to develop your security skillset. To create an account and gain access to the labs you first need to get an invite code and enter it into the URL https://www.hackthebox.eu/invite…

Nmap Visualisation

Introduction: I have written a quick and dirty Python script to visualise results from Nmap and masscan. It works by parsing the XML log from a scan and generates a visual representation of the IP range that was scanned. The following screenshot is an example of the output: For lack of a better word I…

Memcache Scanner Interactions

On the 5th March 2018 the world's biggest DDoS attack was reported against a US-based service provider. The DDoS had a bandwidth of 1.7Tbps and was achieved using misconfigured Memcache servers. Memcached is a Linux daemon which caches data called from databases and allows subsequent database lookups to be pulled from the cache rather…

NTP Amplification Discovery

Introduction: NTP amplification attacks are a form of DDoS which use NTP servers to turn small requests into large responses which can be directed to the victim's computer. NTP amplification makes use of the MONLIST command. The MONLIST command directs the NTP server to respond with the last 600 IP addresses which used the server….

VNC Authentication checking with Python

In this post I describe a small Python script which can be used to determine the type of authentication used on a VNC Server. It uses the Scapy packet manipulation program to perform all the network data transmissions and retrievals. The program may not be perfect, but with my limited testing it seemed to work…

Hacking the TalkTalk HUAWEI HG523a Router Part 2

For part 1 please Click Here. OK. So I have access to the router's busybox console. I found by typing the busybox command it displays all the commands available on the device. # busybox BusyBox vv1.9.1 (2012-03-05 00:16:52 CST) multi-call binary Copyright (C) 1998-2007 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2….