InfoSec Write-ups - Medium -- The exploitation of a vulnerable FreeBSD OS machine and rooting it by escalating privileges
Tag: InfoSec Write-ups – Medium
CVE-2020-24115: Use of hardcoded credentials in source code leads to admin panel access
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24115
# Exploit Title: Online Book Store 1.0 — Use of Hard-coded Credentials in source code leads to admin panel access
# Date: 2020-07-22
# Exploit Author: Mayur Parmar(th3cyb3rc0p)
# Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/
# Software Link: https://github.com/projectworlds32/online-book-store-project-in-php/archive/master.zip
# Version: 1.0
# Tested on Windows10
# CVE: CVE-2020-24115
Hardcoded Credentials:
Hardcoded Passwords, also …
Is This Password Manager Safe?
The TryHackMe Overpass machine walkthrough with Burp Suite, JavaScript, John The Ripper, and LinPEAS.
Winja CTF: Write-up
Winja CTF 2020: Write-up
Today I participated in Winja CTF. It was a really awesome experience. I was able to solve 7 challenges, so here I am sharing my approach to solve them.
1. Liar Liar
The first thing I did was check “file” command itself.
file
So it’s an ASCII text file, so I tried cat this_is_a_binary
cat file
So in img src, we can …
What is Parameter Tampering
Parameter Tampering: Special Characters
Cracking Hashes with HashCat
Hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.
HashCat
Here we will be looking into …
How to argue your bounty (in a professional way meaning avoiding a ban)
As much as it’s fun to find and report bugs, some of you are doing it as a full-time job. And, a job means that you expect a reasonable…
How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty
Today I am writing about the love story between bug bounties & reconnaissance, but before I do I should say that I’m not much of an expert…
A guide into securing your WordPress
Let’s see how to harden your WordPress site
Recovering a lost phone number using hacker mindset
Recovering a lost phone number using the hacker mindset
Recently I lost an important phone number accidentally as a consequence of wiping the data partition of my Android device (due to an OS upgrade migrating from the official but unsupported LineageOS branch to my unofficial but up-to-date supported LineageOS builds). All of …








