All that has to do with information Security, Cyber Security and Ethical Hacking.
Did you just install some linux distro in your VM? or your own machine? Were you doing it by watching a tutorial on the web? Did you install grub? Have you password protected the user? Yes? Then you are secure right? The answer to that is NO! The Problem : Bypassing grub can be done […]
Firstly, we must download and extract the given Box named ‘Vulnix’ and set up the network configurations, so as to make sure that the Vulnix Box and our Kali box are on the same network. Once that is done, we must start both VMs. Identifying the victim machines IP In order to identify which IP, […]
This penetration test assignment is done for the OM NOM NOM NOM Challenge of CYSCA2014. When we hear the term OM NOM NOM NOM what comes to our mind, is that that is the sound made by the cookie monster on the “Sesame Street” TV show. So this could be something to do with cookies. […]
In This blog post we will be looking at how Metasploitable 2 virtual machine can be exploited. We will be using Metasploit and other tools to the hacking. ssh_keygen Details: Unlike earlier exploits where metasploit was used, in this it is not used. We are exploiting using generating keys unreal_irhd_3281_backdoor Details: we use a backdoor to exploit the Linux system. We only need to give the RHOST IP before exploiting. distcc_exec Details: Only the RHOST IP needs to be given by us.
This post will comprise of a step by step walk through of how I exploited 3 vulnerabilities in a deliberately vulnerable windows 2000 virtual machine. ms01_23_printer Details about the vulnerability : As shown in this picture, all that it needs to know is the RHOST IP. Once it was given and exploited, A remote session to the windows machine was created as shown below. m06_40_netapi Details about the vulnerability: Similar to the previous exploit, all this needed was also is the RHOST IP. ms08_67_netapi Details: likewise, All we need to give is RHOST IP.
One of the main things needed for CTFs are using Burpsuite to intercept traffic. This guide will help users understand basics of Burpsuite. Defining Target Scope in Burpsuite. Here we have defined what should be included in our scope and excluded from our scope. The entry in the include section was defined by us and […]
In this blog post we will be looking at how to get started with Oracle DB. Undoubtedly, oracle is considered to be one of the most secure database management systems. Hence, many organizations around the world use Oracle DB. Here are some of the security features in Oracle DB: Data Dependent Access Control ,Role Based […]
Pingsweeping – Intro & usage. Assume that you are a burglar and you want to steal. Then your first goal will be to identify your targets. Similarly, in the context of hacking, the first thing a hacker needs to do is identify the target hosts. In order to do so they send ICMP requests (pings) […]
Basically, Ransomware is everywhere these days. Why I titled this post as “Running Somewhere …” is because, there is nowhere to hide and no guaranteed recovery of data to which access is denied by Ransomware. Ransomware, somewhere, everywhere, nowhere.. So many rhyming words isn’t it 😜 Anyways, I was assigned to do a literature review on […]
This blog post revolves around an OAuth 2.0 based Facebook application that I have developed. This application aims at providing users of Facebook, an idea of their own profile(Few interesting things that they themselves wouldn’t know about their profile 🙂 ). In order to build this Application, I have made use of the following technologies. […]