Posts

TryHackMe | Advent of Cyber 3 (2021) Walkthrough

Image
  Get started with Cyber Security in 25 Days — Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. Link - https://tryhackme.com/room/adventofcyber3 After finding Santa’s account, what is their position in the company? The Boss! After finding McStocker’s account, what is their position in the company? Build Manager After finding the account responsible for tampering, what is their position in the company? Mischief Manager What is the received flag when McSkidy fixes the Inventory Management System? Register an account, and verify the cookies using the Developer Tools in your browser. What is the name of the new cookie that was created for your account? user-auth What encoding type was used for the cookie value? hexadecimal What object format is the data of the cookie stored in? JSON Manipulate the cookie and bypass the login portal. What is the value of the administrator cookie? (username = admin) What team environment is not resp...

TryHackMe | Carnage WriteUp

Image
  Apply your analytical skills to analyze the malicious network traffic using Wireshark. Link - https://tryhackme.com/room/c2carnage After loading the pcap file in wireshark. Change the time display preferences. What was the date and time for the first HTTP connection to the malicious IP? (answer format: yyyy-mm-dd hh:mm:ss) check the HTTP traffic 2021–09–24 16:44:38 What is the name of the zip file that was downloaded? Check the contents of the packet documents.zip What was the domain hosting the malicious zip file? attirenepal.com Without downloading the file, what is the name of the file in the zip file? Right click the packet and follow HTTP stream chart-1530076591.xls What is the name of the webserver of the malicious IP from which the zip file was downloaded? LiteSpeed What is the version of the webserver from the previous question? PHP/7.2.34 Malicious files were downloaded to the victim host from multiple domains. What were the three domains involved with this activity? fin...

TryHackMe | JavaScript Basics WriteUp

Image
  Learn JavaScript, the high-level, multi-paradigm language of the web. Link - https://tryhackme.com/room/javascriptbasics What type of data type is this: ‘Neo’? String What data type is true/false? boolean What is John’s occupation? Master Hacker What tag is used for linking a JavaScript file to HTML? script What type of brackets are used for arrays? [] What color pill did we choose? Red Pill What is the output of this code? Tyrell Loops repeat until the written code is finished running (true/false) true What loop doesn’t require the condition to be true for it execute at least once? do…while What is the DOM? Document Object Model What is it called when XSS is used to record keystrokes? Keylogging Sort the array [1,10,5,15,2,7,28,900,45,18,27] [1,2,5,7,10,15,18,27,28,45,900] That’s it! See you in the next Room :)

TryHackMe | Toolbox: Vim WriteUp

Image
  Learn vim, a universal text editor that can be incredibly powerful when used properly. From basic text editing to editing of binary files, Vim can be an important arsenal in a security toolkit. Link - https://tryhackme.com/room/toolboxvim How do we enter “INSERT” mode? i How do we start entering text into our new Vim document? typing How do we return to command mode? esc How do we move the cursor left? h How do we move the cursor right? l How do we move the cursor up? k How do we move the cursor down? j How do we jump to the start of a word? w How do we jump to the end of a word? e How do we insert (before the cursor) i How do we insert (at the beginning of the line?) I How do we append (after the cursor) a How do we append (at the end of the line) A How do we make a new line under the current line? o How do we write the file, but don’t exit? :w How do we write the file, but don’t exit- as root? :w !sudo tee % How do we write and quit? :wq How do we quit? :q How do we force ...

TryHackMe | Meltdown Explained WriteUp

Image
  This room explains the technical details behind the Meltdown vulnerability. Link - https://tryhackme.com/room/meltdownexplained what is it called when a program accesses a cache and finds the correct value? hit what is it called when a program accesses a cache and doesn’t find the correct value? miss What kind of memory does the virtual address contain(apart from user memory) kernel memory That’s it! See you in the next Room :)

TryHackMe | Windows x64 Assembly WriteUp

Image
  Introduction to x64 Assembly on Windows. Link- https://tryhackme.com/room/win64assembly What is 0xA in decimal? 10 What is decimal 25 in hexadecimal? Include the prefix for hexadecimal. 0x19 How many bytes is a WORD? 2 How many bits is a WORD? 16 What is the result of the binary operation: 1011 AND 1100? 1000 What is the result of the binary operation: 1011 NAND 1100? Include leading zeroes. 0111 How many bytes is RAX? 8 How many bytes is EAX? 4 What instruction returns from a function? ret What instruction will call/execute a function? call What instruction could be used to save a register in a way that it can later be restored? PUSH If two equal values are compared to each other, what will ZF be set to as result of the comparison? 1 In fastcall, what 64-bit register will hold the return value of a function? RAX In fastcall, what register is the first function parameter passed in? RCX In what order is data taken off of or put onto the stack? Provide the acronym. LIFO That’s it!...

TryHackMe | OpenVAS WriteUp

Image
  Learn the basics of threat and vulnerability management using Open Vulnerability Assessment Scanning Link- https://tryhackme.com/room/openvas When did the scan start in Case 001? Feb 28, 00:04:46 When did the scan end in Case 001? Feb 28, 00:21:02 How many ports are open in Case 001? 3 How many total vulnerabilities were found in Case 001? 5 What is the highest severity vulnerability found? (MSxx-xxx) MS17–010 What is the first affected OS to this vulnerability? Microsoft Windows 10 x32/x64 Edition What is the recommended vulnerability detection method? Send the crafted SMB transaction request with fid = 0 and check the response to confirm the vulnerability. That’s it! See you in the next Room :)

Eonrec