DC 26 AND!XOR’s B.E.N.D.E.R. Write-Up So Far… (Still missing EAST -_-)

AND!XOR B.E.N.D.E.R. Write-Up Wow.. this was a draft for my site for over a year… Mine as well post it! 🙂 The AND!XOR B.E.N.D.E.R. game ended this past weekend, which means no prizes for completion. I’ve put a number of hours into the game, collaborated with strangers and coworkers and learned various infosec skills. I … Continue reading "DC 26 AND!XOR’s B.E.N.D.E.R. Write-Up So Far… (Still missing EAST -_-)"

Read More

Stapler Walkthrough

I started the box with a netdiscover scanNetdiscover -r 192.168.0.0/24 The VM picked up an ip address of 192.168.0.134 Let’s scan it with nmapnmap -sV -Pn -vv -T4 -A -p- 192.168.0.134 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.134nmap.scan Found some open portsFTP & SSHTCP DNS WebserverMysql with an interesting banner And another webserver SMB enum found a couple shares … Continue reading "Stapler Walkthrough"

Read More

Pwn_init Walkthrough

First I ran netdiscover -r 192.168.0.0/24 Then an nmap scan: nmap -sV -Pn -vv -T4 -A -p- 192.168.0.133 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.133nmap.scanFound a few open ports: Info about the http server, looks like we found a login form And some additional pages to try RPC info MYSQL info, looks like we got blocked from connecting to … Continue reading "Pwn_init Walkthrough"

Read More