Introduction Today we’ll begin the process of compromising one of Vulnhub’s latest VMs, “TrollCave”. The author, David Yates, says that this VM is attempting to be as realistic as possible, AKA straying from the usual contrived scenarios which pop up in some CTFs (port knocking, MP3 file waveform analysis etc.) The author has also stressed
Introduction Today I’ll be compromising the SickOs: 1.2 VM hosted by Vulnhub and created by @D4rk36. This was an obscure and fairly tough VM with a teensy tiny foothold-vulnerability that I’d not previously come across! NMap #1 [crayon-5d2ce268a554e680401517/] Tiny attack surface. Old SSH server and a lighttpd HTTP server. Incidentally this version is apparently broken with a
Introduction Today I’ll be documenting how to fully compromise the VulnOS: 2 VM, created by @c4b3rw0lf. This was a tough VM, centred around a Joomla web app. This was of particular interest to me as I’d never attempted to compromise a Joomla app prior to this VM. Onwards!
Introduction Today I’ll be writing up the method I used to compromise the excellent Vulnix VM hosted by Vulnhub, created by @oshearing This one was quite difficult and took a good few hours for me to work out what needed to happen to compromise it, but I got to use some fun new tools and