Optimum is a Windows machine and though it is marked as easy, I think it stands somewhere between easy and medium. The initial part to gain a foothold and getting the user flag is pretty easy but the part where you need to escalate your privileges is a bit complicated…

Nibbles is an easy machine which focuses a bit on enumeration and a slightly different method for privilege escalation. So, let’s begin! Enumeration The first to be done would be to determine the ports that are open on the machine. ┌──(kali㉿kali)-[~/Desktop/htb/nibbles] └─$ sudo nmap -p- -sS -T4 -oG open_ports 10.10.10.75…

Devel is a Windows based challenge and it pretty easy. It focuses on specific privilege escalation vulnerability in a specific version of Windows 7. So, let’s get started. Enumeration To determine all the services that are running on this machine we can start an nmap scan against it. ┌──(kali㉿kali)-[~/Desktop/htb/devel] └─$ sudo nmap…

Personally, I think Bashed is one of the easiest machines. All that needs to be done is generate a reverse shell. So, let’s begin. Enumeration The first thing to do is to run an nmap scan to determine all the ports that are open. ┌──(kali㉿kali)-[~/Desktop/htb/bashed] └─$ sudo nmap -p- -sS -T4 -oG…

This machine appears to be pretty similar to the Legacy machine (writeup here) as both these machines are based on exploiting MS17–010. But there is a slight different here that the machine is running Windows 7 rather than Windows XP which changes how we exploit it. Enumeration The first thing that…

Shocker is a an easy box and once you get the idea it is really easy to get its access and even escalate your privileges. …

Legacy is a pretty easy Windows box which focuses on exploiting the MS17–010 vulnerability. Enumeration The first thing to do would be to run an all port scan to determine all the ports that are open. ┌──(kali㉿kali)-[~/Desktop/htb/legacy] └─$ sudo nmap -p- -sS -T4 10.10.10.4 [sudo] password for kali: Starting Nmap 7.92 ( https://nmap.org…

#TJNull Lame is a really easy box and even for a beginner it won’t take more than an hour at max. The main purpose of this room is to make you realize that all the services that are exposed should be tested thoroughly for any kind of vulnerability. So, let’s…

LAMP Security: CTF4 is one of the easy machines on VulnHub which mainly focuses on SQLi. So, lets begin! Enumeration As usual, the first thing that we need to do is run an nmap scan and check if some webpages are hosted on port 80/443. …