Open in app
Home
Notifications
Lists
Stories

Write
Roshan Guragain
Roshan Guragain

Home

Dec 5, 2020

Unbalanced : HackTheBox

Summary Configure proxy settings. Use rsync service to synchronize the directory. Decrypt files obtained from rsync service ( encfs encoded ) Access the cache manager to get information regarding hosts. Use XPath injection to get credentials SSH tunneling to access pihole HTTP service and CVE for exploit. Nmap Scan 22/tcp…

Htb

9 min read

Unbalanced : HackTheBox
Unbalanced : HackTheBox

Nov 28, 2020

Blunder: HackTheBox

This box is all about enumeration . Summary Directory busting to get the admin portal and todo.txt file. Brute force password. Exploit the file upload vulnerability to get the shell. Enumerate the machine to escalate privilege. Find exploits to bypass the restricted ability. Nmap # nmap -T4 -p- -A -o nmap…

8 min read

Blunder: HackTheBox
Blunder: HackTheBox

Aug 16, 2020

harder: THM writeup

Real pentest findings combined alpine real world git seclists Task 1: Hack your way and try harder The machine is completly inspired by real world pentest findings. Perhaps you will consider them very challanging but without any rabbit holes. …

Tryhackme

9 min read

harder: THM writeup
harder: THM writeup

Aug 15, 2020

Anonymous Playground: THM writeup

Want to become part of Anonymous? They have a challenge for you. Can you get the flags and become an operative? This was a difficult room with tags linux python and cipher . Nmap Scan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3…

Tryhackme

6 min read

Anonymous Playground: THM writeup
Anonymous Playground: THM writeup

Aug 12, 2020

Help Bears! : TryHackMe Writeup

Task 1 There is nothing to do here, but this task is needed for the final task.

Tryhackme

18 min read

Help Bears! : TryHackMe Writeup
Help Bears! : TryHackMe Writeup

Aug 7, 2020

Recovery: THM room, Writeup

Here is a hint if you want to try it on your own. Reverse engineer the fixutil binary. It modifies a library file. Reverse engineer that library file as well. Introduction What it says is, Alex works at Recoverysoft. He and his colleague got an email with a binary file. The…

Tryhackme

5 min read

Recovery : THM room, Writeup
Recovery : THM room, Writeup

Aug 1, 2020

H@ctivityCon CTF : Mobile Challenges Writeup

Mobile One Pinocchio Just Not Interesting 1. Mobile One I decompiled the apk using apktool. Since this was a low point challenge so I thought the flag should be in one of the files. So did a simple text search in all the files. $ find . | xargs grep “flag{“ 2>/dev/null ./res/values/strings.xml: <string…

Android

6 min read

H@ctivityCon CTF : Mobile Challenges Writeup
H@ctivityCon CTF : Mobile Challenges Writeup
Roshan Guragain

Roshan Guragain

Infosec Enthusiast

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable