Sign in

Command Injection in web app with cat command disabled.

Nmap Scan

root@kali:~# nmap -sC -sV -O -T4 10.10.202.157Starting Nmap 7.80 ( https://nmap.org ) at 2021-01-04 01:07 ESTNmap scan report for 10.10.202.157Host is up (0.36s latency).Not shown: 998 closed portsPORT   STATE SERVICE VERSION22/tcp open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.6 (Ubuntu Linux; protocol 2.0)| ssh-hostkey:|…

Nmap, gobuster, base64 decoder,sort,uniq,burpsuite, turbointruder, php reverseshell, netcat,crackstation,find,gtfobin

Nmap

kali@kali:~$ sudo nmap -sC -sV -O 10.10.151.156
[sudo] password for kali:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-26 22:48 EST
Nmap scan report for 10.10.151.156
Host is up (0.35s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
22/tcp closed ssh
80/tcp open http…

This will be a write up on a PwnTillDawn Online Battlefield box — Stuntman Mike. Please check out the following links to find out more on PwnTIllDawn Online Battlefield.

Nmap Scan

kali@kali:~$ sudo nmap -sC -sV -O 10.150.150.166Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-22 01:31 ESTNmap scan report for…

Nmap

kali@kali:~$ sudo nmap -T4 -A 10.10.88.51
[sudo] password for kali:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-24 05:26 EST
Nmap scan report for 10.10.88.51
Host is up (0.35s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol…

Nmap

kali@kali:~$ sudo nmap -sC -sV -O 10.10.133.102
[sudo] password for kali:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-22 02:41 EST
Nmap scan report for 10.10.133.102
Host is up (0.35s latency).
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
135/tcp open msrpc…

Nmap, gobuster, php reverseshell, netcat, burpsuite, find,gtfobins

Nmap

kali@kali:~$ sudo nmap -T4 -A 10.10.216.110
[sudo] password for kali:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-22 05:00 EST
Nmap scan report for 10.10.216.110
Host is up (0.41s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol…

This lab contains an SQL injection vulnerability in the login function.

To solve the lab, perform an SQL injection attack that logs in to the application as the administrator user.

Head over to the login page.

When we input a username and password, the query string will look like:

SELECT…


This lab contains an SQL injection vulnerability in the product category filter. When the user selects a category, the application carries out an SQL query like the following:

SELECT * FROM products WHERE category = ‘Gifts’ AND released = 1

To solve the lab, perform an SQL injection attack that…


Nmap Scan

ali@kali:~$ nmap -T4 -sC -sV 10.10.132.197
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-17 08:25 EST
Stats: 0:02:31 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 98.61% done; ETC: 08:28 (0:00:01 remaining)
Nmap scan report for 10.10.132.197
Host is up (0.37s latency).
Not shown: 991 closed ports
PORT…

Nmap scan

kali@kali:~$ nmap -T4 -sC -sV 10.10.218.181
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-18 02:00 EST
Nmap scan report for 10.10.218.181
Host is up (0.35s latency).
Not shown: 988 closed ports
PORT STATE SERVICE VERSION
135/tcp open msrpc…

Yikai

Started my journey in cybersecurity on September 2020. This blog is used mainly to record my learning journey.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store