Hack the SpyderSec VM (CTF Challenge)

You are looking for two flags. Using discovered pointers in various elements of the running web application you can deduce the first flag (a downloadable file) which is required to find the second flag (a text file). Look, read and maybe even listen. You will need to use basic web application recon skills as well […]

Hack the Acid VM (CTF Challenge)

The name of the Virtual machine is “Acid Server” that we are going to crack.  It is an Boot2Root Vm that we are going to solve. This is a web-based VM. Our main goal is to escalate the privileges to root and capture the flag. You can download it from à https://www.vulnhub.com/entry/acid-server,125/ WalkThroughAs always start […]

Hack the Kioptrix VM (CTF Challenge)

Today we going to solve Kioptrix: Level 1.3 (#4). It is Boot2Root series provided for practice. Hints we have from author are : It’s possible to remotely compromise the machine Stays within the target audience of this site Must be “realistic” (well kinda…) Should serve as a refresher for me. Be it PHP or MySQL […]

Hack the Necromancer VM (CTF Challenge)

The Necromancer boot2root box was created for a recent SecTalks Brisbane CTF competition. There are 11 flags to collect on your way to solving the challenge. The end goal is simple…. Destroy the Necromancer!  You can download necromancer from here let’s get going. Firstly, we run netdiscover  Netdiscover Our next step is nmap.nmap -A -p- […]

Hack the Gibson VM (CTF Challenge)

It’s a boot2root challenge and it does not get over with getting root access. You have to find flag also. So let’s start.First of all download lab from https://download.vulnhub.com/gibson/gibson.ovaNow open kali terminal and like always start with first step i.e. netdiscovernetdiscoverit shows all the hosts those are up in our network and from here we […]

Penetration Testing in PwnLab (CTF Challenge)

In this article we will walkthrough a root2boot penetration testing challenge i.e PwnLab. PwbLab is a vulnerbale framework, based on the concept of CTF (capture the flag), with a bit of security which is a little complicated to bypass. But it’s not impossible. So, let us learn how we can get its access. Download From […]

Hack the Seattle VM (CTF Challenge)

This is another article for Boot2Root series in CTF challenges. This lab is prepared by HollyGracefull. This is just a preview of the original lab which stimulates the Ecommerce web application which contains common security errors. Current vulnerabilities are listed below : SQL Injection (Error-based) SQL Injection (Blind) Reflected Cross-Site Scripting Stored Cross-Site Scripting Insecure […]

Hack Acid Reloaded VM (CTF Challenge)

Acid reloaded is the 2nd VM of the Acid series of Boot2Root CTF exercise. It is created by Avinash Thappa. To capture the flag, first we have to gain the root access that means escalating administrator privileges. You can download this VM from: https://www.vulnhub.com/entry/acid-reloaded,127/ WalkThrough As always start by finding our target netdiscover This tells […]

Penetration Testing in SMB Protocol

In Hacking, Ports and Protocols play a major role as hacking is not possible without them. And to work with them, let us first understand ports and protocols. In information technology, a protocol is the special set of rules that end points in a telecommunication connection use when they communicate. Protocols specify interactions between the […]