How to Get The Invited Code From Hackthebox

Hack The Box or abbreviated as hackthebox, is an uncanny pentesting labs portal which allows everyone to collaborate, share and encourage people who are enthusiastic all about ethical hacking or pentesting. It offers an online platform to test and advance your skills in penetration testing and cyber security.

We can access this portal at https://www.hackthebox.eu/. Nevertheless, to get into this platform is not straightforward like others website which we can sign up easily. hackthebox made it a littlebit funny. Here we will explain Continue reading

Exploiting Smart Install Client Vulnerability and Resetting Telnet on Switch Catalyst 2960

As we have known that Cisco is one of the biggest vendor of Network Devices besides its competitor such as HPE, Juniper and Huawei. At the beginning of March 2018, International Data Corporation (IDC) released an articel about The Top 5 Network Device Companies based on their revenue untill the end of 2017. The detail chart is showned by the figure Continue reading

Upgrade from A Shell Session into Meterpreter Session Using Metasploit

If we talk about Metasploit notably in Kali Linux, there is no enough time for discussing it. Eventhough it is a free version (not enterprise or Pro version), Metasploit Community version is fully enough for us to exploit a vulnerable system.

As described at their website, Rapid7 claimed that metasploit is the world’s most used penetration testing framework. Continue reading

Simple CTF : From SQLinjection to Webshell

There is an interesting sample for practicing how to do a CTF (simple CTF). It is a VM which had been created by Pentesterlab Team. We can download the VM at the link. The VM is one of hundreds exercises develoved by Pentesterlab as part of the White Badge. The white badge is the easiest badge that covers a wide range of web vulnerabilities Continue reading

EternalBlue Exploit at Windows 7 using Metasploit

eternalblue-exploit

Several months ago (and may be it’s still continuing), many windows hosts/computers had been infected and attacked by two major Ransomware. They are Wannacry and Petya/NonPetya. Refered to wired.co.uk,  The Ransowmware spread was helped by a Microsoft Windows security vulnerability called EternalBlue. Continue reading

The Art of Webshell and Port Knocking Exploit — Hackademic RTB2

As I was browsing about webshell exploit through google, I found an interesting challenge in Vulnhub. It was Hackademic RTB2 by mr.pr0n released at 6 September 2011. The Hackademic RTB2 was one of the series CTF named Hackademic by mr.pr0n at vulnhub. Actually, there was the first serie which was Hackademic RTB1. Nevertheless, I chose the second one firstly, hahahahaa. But I promise will give a post for the Hackademic RTB1 next week. Continue reading

Make a Sticky Banner at Your Terminal/Shell

Several videos about hacking tutorials in youtube has own unique banner sticked at their terminal. Therefor, I was a curious a little-bit how make my terminal has a sticky banner too. After googling a bit time, I found a simple way for changing terminal’s banner at link https://null-byte.wonderhowto.com/how-to/change-your-terminal-header-0163720/.

  • Firstly, we need to install Figlet, It is an application for styling the terminal banner.

Continue reading

TheFatRat a Massive Backdoor Tool

Hallo Sudo-ers,

Today I will show you a simple tool but powerfull for exploitating a target either windows based, mac os, linux , android and others such as php etc. The tool can create a malware which obfuscate the Antivirus, so the malware can bypass security of the host in which use a AV for securing it.

We can run this tool on various operating systems such as : Continue reading