Month: December 2019

This is a overview of how to use TMUX for the people that haven’t used it before. tmux is a terminal multiplexer for Unix-like operating systems. It allows multiple terminal sessions to be accessed simultaneously in a single window. It is useful for running more than one command-line program at the same time. https://en.wikipedia.org/wiki/Tmux Learning …

So this box is going to be a challenge if you have done the 4 previous boxes. It use’s a lot of the same methodology as the previous boxes, where you scan and use and exploit to gain a user shell. Getting root on this box is where this box is tricky, it isn’t difficult …

For this, we will be getting all of our information from OWASP which can be found here. We will start off by looking at the Threat agents & attack vectors along with the impact. “Threat Agents/Attack Vectors: Exploitation of deserialization is somewhat difficult, as off the shelf exploits rarely work without changes or tweaks to …

OWASP The more of these documents that I have made I have realized that there is a pretty big difference between what you learn from PortSwigger and OWASP. I find that OWASP provides good foundational documentation of the vulnerabilities whereas PortSwigger shows you the practical side of the vulnerabilities. To start I am going to …

All material regarding Security Misconfiguration will be provided to us by OWASP, We will start off just like the others looking at the threat agents and attack vectors. “Attackers will often attempt to exploit unpatched flaws or access default accounts, unused pages, unprotected files, and directories, etc to gain unauthorized access or knowledge of the …