
Everything is unknown until it’s known. Self-learner.

A walkthrough.

Start with nmap.

nmap -A -vv target_ip

You will find web servers on port 80 and 8080.

I did a reverse image search and got the answer.

Another way to do this is to inspect the page and check the image element.

Task 1: Introduction

Who is the employee of the month?

Bill Harper

Task 2: Initial Access

Scan the machine with nmap. What is the other port running a web server on?

8080

Take a look at the other web server. What file server is running?

Rejetto HTTP File Server


An educational series on Windows exploitation for complete beginners. A walkthrough.

Task 1: Recon

We start our recon by scanning the target machine using Nmap.

How many ports are open with a port number under 1000?

3

If you run the scan with the -A flag it will scan all the ports on the host, and we only need port numbers < 1000. It would be better to just specify -p 1-1000 to scan the first 1000 ports.

What is this machine vulnerable to? (Answer in the form of: ms??-???, ex: ms08-067)

ms17-010

To get this answer I ran an nmap script which scans for…


What I’ve learned in this room.

We will start with Task 2, since in Task 1 you are only required to deploy the machine.

Task 2: Reconnaissance

And we start our reconnaissance with the classics: Nmap (cheat sheet by SANS).

You can also refer to the table presented by TryHackMe:

However, at the beginning of the task THM already tells you which flag to use to scan the target:

Scan this box: nmap -sV <machine’s ip>

Scan the box, how many ports are open?

6

What version of the squid proxy is running on the machine?

3.5.12

How many ports will…


Lately I have been doing some process/workflow automation at work, and I figured that I could put together some of the common Python code snippets and references that I had repeatedly used across multiple projects related to text/file processing.

Working with file’s location

When you are working with text files, it is obvious that the file path is required for the Python script to locate the file. For this you can use the pathlib library. The pathlib library is included in all Python versions >= 3.4.

A small snippet how to import and use the pathlib to store a file…


How to.

Sometimes I get really surprised at where my time and days go, and here is one example.

Yesterday evening I decided that I needed to share a folder on my macOS so that the Kali Linux 2020 VM can have access to it. The VM was created in VMware Fusion, so it makes sense to look for the sharing feature in the VM settings.

This is what it looks like after I added a folder, called it kalish, and checked the Enable Shared Folders checkbox.

It also warns us about VMware Tools.


Here you will find essential commands to start mastering the shell.

How To Find Out What Directory You’re Currently In?

You will need to use the Print Working Directory command, which is:

pwd

How To Navigate to Any Directory?

You will need to use the Change Directory command, which is:

cd directoryname

You will have to provide either the absolute or relative path to the directory.

It can get pretty tiring navigating with absolute or relative paths all the time, so there are also some shortcuts to this:

  • . (the directory you’re currently in)
  • .. (parent directory, e.g. cd ..)
  • ~ (home directory, e.g. /home/user)
  • - (takes you to the previous directory you were just at)

How To List The Contents of a Directory?

You will need to use the List Directories command:

ls

This does not include hidden…


Here is a neat terminal command which displays a list of all the extensions you have installed:

code --list-extensions

Below is the list of the extensions, which I am either actively using or just interested in trying out, and I hope you, too, will find it useful.

Colorize for better visibility

CSS-related; Sass; Bootstrap

Autocomplete


So, the first part concluded with the deployment of Prisma, and now it’s time to set up the Apollo Server to run on the backend, and Apollo Client on the frontend.

Setting Up Apollo Server 2

Let’s start with installing the required dependencies. We’re going to run the npm install command from our backend folder.

npm i apollo-server graphql graphql-import prisma-binding
  • apollo-server — the core library for the server itself.
  • graphql — so that we can build our queries and mutations
  • graphql-import - in case you decide to split your schema definition into multiple files, the graphql-import package is there to help you importing & exporting…


A quick HowTo.

venv is a package shipped with Python 3, which you can run using python3 -m venv (although for some reason some distros separate it out into a separate distro package, such as python3-venv on Ubuntu/Debian). It serves the same purpose as virtualenv, but only has a subset of its features (see a comparison here). — source

I use it mainly for two reasons:

  • it isolates the project-related libraries.
  • it doesn’t access the globally installed libraries.

We can think of it as if the project would live on its own island, isolated from the rest of the world…


A very quick setup guide. No BS.

  • create a script.sh file
  • paste in the contents below (source)

#!/bin/bash

#
# Kali Docker Setup Script
# @decidedlygray 20180902
# LICENSE: MIT
#
# Steps taken from: https://docs.docker.com/install/linux/docker-ce/debian/
# And: https://medium.com/@airman604/installing-docker-in-kali-linux-2017-1-fbaa4d1447fe
# Install uses the repository, so we can get updates in the future

# Remove any existing docker packages and update package list
sudo apt remove docker docker-engine docker.io -y
sudo apt update

# Install apt HTTPS packages
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common -y

# Add Docker GPG key
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
# Verify key exists
# sudo apt-key fingerprint 0EBFCD88

# Add stable repo
# sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian jessie stable"
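# Write the repo entry through sudo tee: a plain '>' redirect is opened by the
# calling shell, so it fails when the script is not run as root
echo 'deb https://download.docker.com/linux/debian stretch stable' | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null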

#…

theUnknown
