writeup arşivleri - Aleyna Doğan

Showing 103 Result(s)

Tryhackme: Red Team Threat Intel

on 30 Ekim 202430 Ekim 2024

Apply threat intelligence to red team engagements and adversary emulation. Task 5: TTP Mapping 5.2. How many Command and Control techniques are employed by Carbanak? https://mitre-attack.github.io/attack-navigator//#layerURL=https%3A%2F%2Fattack.mitre.org%2Fgroups%2FG0008%2FG0008-enterprise-layer.json 2 5.3. What signed binary did Carbanak use for defense evasion? Rundll32 5.4. What Initial Access technique is employed by Carbanak? Valid Accounts Task 7: Creating a Threat Intel Driven Campaign …

Tryhackme: ParrotPost: Phishing Analysis

updated on 16 Eylül 202412 Eylül 2024

Reveal how attackers can craft client-side credential-stealing webpages that evade detection by security tools. Lab link. Task 3: Email Headers 3.1. According to the IP address, what country is the sending email server associated with? We upload the .eml file to the Message Header Analyzer and find the Received IP address. Since the IP address location …

Portswigger: Username enumeration via subtly different responses Writeup

on 8 Ağustos 20248 Ağustos 2024

When we try to login with test:test on the login page, we see the message “Invalid username or password.” in the response to the request. We can see if this message will appear for all usernames in the responses to the requests. We send the request to the intruder. We choose sniper attack type. In …

Portswigger: Username enumeration via different responses Writeup

updated on 8 Ağustos 20248 Ağustos 2024

We create a request on the login page. First, we will try to detect the username. We choose sniper attack. The username is our target. We select a simple list and load our list as the username list specified at the beginning of the lab. We start attack. As a result of the attack, there …

Tryhackme: Critical Writeup

updated on 16 Eylül 202422 Temmuz 2024

Lab link. Task 2: Memory Forensics 2.1. What type of memory is analyzed during a forensic memory task? RAM 2.2. In which phase will you create a memory dump of the target system? Memory Acquisition Task 3: Environment & Setup 3.1. Which plugin can help us to get information about the OS running on the target machine? …

Portswigger: Referer-based access control Writeup

updated on 11 Temmuz 202411 Temmuz 2024

This lab controls access to certain admin functionality based on the Referer header. You can familiarize yourself with the admin panel by logging in using the credentials administrator:admin. To solve the lab, log in using the credentials wiener:peter and exploit the flawed access controls to promote yourself to become an administrator. Lab link. We log in to the admin panel, …

Portswigger: Multi-step process with no access control on one step Writeup

on 11 Temmuz 202411 Temmuz 2024

This lab has an admin panel with a flawed multi-step process for changing a user’s role. You can familiarize yourself with the admin panel by logging in using the credentials administrator:admin. To solve the lab, log in using the credentials wiener:peter and exploit the flawed access controls to promote yourself to become an administrator. Lab link. We enter the system …

Portswigger: Insecure direct object references Writeup

on 11 Temmuz 202411 Temmuz 2024

This lab stores user chat logs directly on the server’s file system, and retrieves them using static URLs. Solve the lab by finding the password for the user carlos, and logging into their account. Lab link. The live chat section draws attention and if we press the “View transcript” button after making a few conversations, the …

Tryhackme: Intro to Logs Writeup

updated on 16 Eylül 202411 Temmuz 2024

Learn the fundamentals of logging, data sources, collection methods and principles to step into the log analysis world. Lab link. Task 2: Expanding Perspectives: Logs as Evidence of Historical Activity 2.1. What is the name of your colleague who left a note on your Desktop? Perry 2.2. What is the full path to the suggested log …

Portswigger: User ID controlled by request parameter with password disclosure Writeup

on 10 Temmuz 202410 Temmuz 2024

This lab has user account page that contains the current user’s existing password, prefilled in a masked input. To solve the lab, retrieve the administrator’s password, then use it to delete the user carlos. You can log in to your own account using the following credentials: wiener:peter Lab link. When we login with the given user information, …