Poison HackTheBox Notes

As I continue to post my notes for retired boxes you will likely notice a drastic increase in detail. A few boxes were completed when I was just getting into cyber security and since then I have learned a lot in regards to documentation. Simply based off of the name here we can determine this... Continue Reading →

Celestial HackTheBox Notes

This box isn’t too bad and was actually pretty educational. First we started off with an nmap scan, noticing only one port open “3000”. Using the flag -sV we can use banner grabbing to determine what service is running on the port. We then found out it was node.js and a web host. So we... Continue Reading →

Programming From The Ground Up Chapter 2

Chapter 2: Know The Concepts 1) Describe the fetch-execute cycle. Also known as an instruction cycle or fetch-decode-execute cycle is the basic operational process of a computer. The process consists of the computer retrieving a program instruction from its memory; it then determines what actions the instruction contains. Lastly, it will execute the cycle. The... Continue Reading →

The POODLE Vulnerability

The POODLE Vulnerability Who is infected? “All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 (also known as SSLv3) with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most... Continue Reading →

Valentine HackTheBox Notes

Valentine This box consists of a fair amount of rabbit holes that I will just ignore for the most part to avoid this report being super long.   The first thing I always do is run an nmap scan. I found 3 open ports, http, https, and ssh. This is great, web servers are fun.... Continue Reading →

Aragog HackTheBox Notes

Nmap -sV -T5 10.10.10.78 PORT   STATE SERVICE VERSION 21/tcp open  ftp vsftpd 3.0.3 22/tcp open  ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) 80/tcp open  http Apache httpd 2.4.18 ((Ubuntu)) Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel   Running dirbuster with medium wordlist   10.10.10.78/hosts.php => There are 4294967294 possible hosts for This is... Continue Reading →

Get A Password Manager!

Welcome to the 21st century! Remember back in the day when we would write down a password so we wouldn’t have to memorize it? Well let’s do that again! Just this time we are going to do it better. So a password manager is exactly what it sounds like. It is an application used to... Continue Reading →

Rooting the Coffee Machine

Eccellenza Touch Coffee Maker Rooting the Coffee Machine So you get a new coffee machine. It has network capabilities…. and It  has a USB port… Obviously this means you should hack it. The Process: The steps we took sort of went like this.Go make cup of Coffee Notice login interface while making coffee. Google default... Continue Reading →

Create a website or blog at WordPress.com

Up ↑