Wolf – Page 2 – WindowsTechs.com

wfuzz show –hs responses when it should hide it

Posted on June 8, 2020 by Wolf

Test site: http://testfire.net/login.jsp

Error when login failed: Login Failed: We’re sorry, but this username or password was not found in our system. Please try again.

Web Form

<form action=”doLogin” method=”post” name=”login” id=”… Continue reading wfuzz show –hs responses when it should hide it→

Metasploit search couldn’t find "wp_admin" keyword

Posted on June 7, 2020 by Wolf

There is exploit/unix/webapp/wp_admin_shell_upload module in Metasploit.

However, I coudn’t find it with search function.

msf5 > search wp-admin

Matching Modules
================

# Name … Continue reading Metasploit search couldn’t find "wp_admin" keyword→

How to reduce false positive in hydra http-post-form module due to more than 1 error?

Posted on June 7, 2020 by Wolf

This question is based on security challenge on Basic Pentesting: 1.

Feel free to download if you want to reproduce this issue as well.

It’s easy to do this if there’s only a single error message when credentials entered was wrong such a… Continue reading How to reduce false positive in hydra http-post-form module due to more than 1 error?→

How to find vulnerable PHP parameter such as `.php?id=` as found in Kioptrix 3?

Posted on June 1, 2020 by Wolf

This is part of my preparation for OSCP.

According to https://www.vulnhub.com/entry/kioptrix-level-12-3,24/, Kioptrix 3 is vulnerable to SQL Injection.

However, I found that SQLi challenge on Kioptrix 3 is a little bit tricky as the gall… Continue reading How to find vulnerable PHP parameter such as `.php?id=` as found in Kioptrix 3?→

Kioptrix 2: Why netcat reverse shell executed in web browser via command injection bug doesn’t work?

Posted on May 26, 2020 by Wolf

I’ve completed kioptrix level 2 challenge via sql injection, command injection, bash reverse shell, and local privilege escalation as part of my OSCP preparation.

https://www.vulnhub.com/entry/kioptrix-level-11-2,23/

; bash -i >& … Continue reading Kioptrix 2: Why netcat reverse shell executed in web browser via command injection bug doesn’t work?→

"john –format=md5" caused "Unknown ciphertext format name requested" error

Posted on May 24, 2020 by Wolf

This is known md5 hash for Kioptrix: Level 1.1 (#2)

Linux unshadow file

wolf@linux:~$ cat md5hash.txt
root:$1$FTpMLT88$VdzDQTTcksukSKMLRSVlc.:0:0:root:/root:/bin/bash
john:$1$wk7kHI5I$2kNTw6ncQQCecJ.5b8xTL1:500:500::/home/john:/bin/ba… Continue reading "john –format=md5" caused "Unknown ciphertext format name requested" error→

hashcat: No hashes loaded

Posted on May 24, 2020 by Wolf

I’ve been trying Kioptrix: Level 1.1 (#2) and managed to get root access.
https://www.vulnhub.com/entry/kioptrix-level-11-2,23/

wolf@linux:~$ nc -vklp 8080
listening on [any] 8080 …
10.10.10.10: inverse host lookup failed: Unknown host
… Continue reading hashcat: No hashes loaded→

Why are there different pentest phases/stages/methodologies?

Posted on May 23, 2020 by Wolf

Why are there different pentest phases/stages/methodologies?
Which one should be used?
Why don’t we come out with standard one?

E.g.

Wikipedia / Cybrary.it

Reconnaissance
Scanning
Gaining Access
Maintaining Access
Covering… Continue reading Why are there different pentest phases/stages/methodologies?→

By: Wolf

Posted on June 11, 2019 by Wolf

It’s the future. ;D Continue reading By: Wolf→

How does Jami (formerly Ring.cx) really work, and how secure is it?

Posted on September 26, 2016 by Wolf

Jami calls itself “ultimate privacy and control for your voice, video and chat communications”. But forums online mentioned in passing (little depth) that it uses bad cryptography protocols and has messy source code. What exactly is insecu… Continue reading How does Jami (formerly Ring.cx) really work, and how secure is it?→