Posts

Showing posts from November, 2018

sqli_to_shell 1 ctf with WAF

Image
Hii friends .. welcome 2 hackxsploit.  Here is the complete walkthrough of Sqli_to_shell: 1 CTF . It is beginner level CTF having sqli injection. Specialty of this ctf is that it has WAF. (web application firewall) So i have cracked it with WAF  sql commands.  let's crack.       Objective                  : Get the the Root access of System  Attacking Machine  :  Linux kali 4.17.0-kali1-amd64 Target machine          :  SQLi To Shell with WAF   ip: 172.16.166.136 **In your case ip may be change so replace my ip with your's  **  -----------------------------------------------------------------------------------------------------------------------------------  let's start from  finding  our target machine ip # arp-scan -l scan the ip by Nmap # nmap  http://172.16.166.136...
1 comment
Read more

BTRSys: v2.1 walkthrough

Image
Hii friends .. welcome 2 hackxsploit.  Here is the complete walkthrough of BTRSys : v2.1 CTF . It is beginner level CTF.   Download it from here.   This is Boot2Root - CTF VM.   I hope you enjoy it   So let's crack.       Objective                  : Get the the Root access of System  Attacking Machine  :  Linux kali 4.17.0-kali1-amd64 Target machine          :    BTRSys : v2.1  ip: 172.16.166.149 **It is recommended that use nmap , Dirb & nikto first for scan the ip ** -------------------------------------------------------------------------------------------------------------------------------- lets start from getting ip of BTRsys vm  by this command;   # arp-scan -l  Now Scan ip  by nmap # nmap http:// 172.16.166.149 -sSCV Now scan Ip by dirb ...
Post a Comment
Read more

Diana: 1.0.1 CTF Walkthrough

Image
Hii friends .. welcome 2 hackxsploit.  Here is the complete walkthrough of Diana:1.0.1 CTF . It is beginner level CTF.   Download it from here.   This is Boot2Root - CTF VM.   I hope you enjoy it   So let's crack.       Objective : Get the the Root access of System and Captute the flag.txt Attacking Machine  :  Linux kali 4.17.0-kali1-amd64 Target machine          :  Diana 1.0.1   ip: 172.16.166.137   **It is recommended that use nmap , Dirb & nikto first for scan the ip ** -------------------------------------------------------------------------------------------------------------------------------- lets start from getting ip of Diana vm by this command;   # arp-scan -l  I have got my target Ip 172.16.166.137    Now scan the ip By nmap  # nmap 172.16.166.137 -sSCV   Now scan the ip By Dirb  # dirb ...
Post a Comment
Read more