Exploiting XSS in hidden input fields

If you are looking at an XSS within a hidden input, this post may help you with a proof of concept. The first way of getting that proof of concept is from an article posted on the PortSwigger blog: https://portswigger.net/blog/xss-in-hidden-input-fields. The browser ignores JavaScript events such as onclick and onmouseover on hidden inputs. So the context of …

A hostile subdomain takeover!

Hello again! It has been a while since I have written anything here. I've been quite busy as I moved to Australia, and it took me a while to settle down. I am grateful to have the opportunity to work with some of the best offensive security consultants and hope to add some more content and …

Lateral Movement with SMBRelayx.py

Lateral movement, from a cybersecurity perspective, is the movement of a threat or malware from one compromised host to another. Traditionally, worms utilized these techniques to spread across a network. Nowadays, ransomware employs these techniques to spread and cause havoc, encrypting systems connected over shared folders. However, in the case of an APT these techniques are used to identify …

HackIM2017 CTF -Web Challenges and solutions (part-4)

Solving Web400 Challenge: Accessed the Web4 challenge and we are given a new hint! Hints are back!! 🙂 Possibly a crypto challenge ahead from a martian!?.. Right, so going into the link we find that there is a captcha along with a login. View source gives away the "partial" password, and it's 69 characters long. Also, there …

HackIM2017 CTF -Web Challenges and solutions (part-3)

Solving Web300 Challenge: There was a sudden absence of a hint here! OK!.., so I viewed the page source. Nothing. Hmm! I had an ominous feeling starting this one.. Accessed the web page and it appeared to be a command line injection challenge. Trying a couple of variations with http://54.89.146.217/?cmd=ls and no …

HackIM2017 CTF -Web Challenges and solutions (part-2)

Solving a CTF is like an addiction; you can't possibly stop at one. So I tried to submit the flag and it failed. There was a syntax to follow: flag {...}. This was not very intuitive for me, and there was a tweet from the nullcon handle. Solving Web200 Challenge! So, the hint seems to indicate some …

HackIM2017 CTF -Web Challenges and solutions (part-1)

NullCon 2017 is around the corner, Feb 28th - March 02. It has some really good talks, workshops and trainings lined up with many industry experts from around the world. Another note about NullCon is the CTF held before Nullcon, often hosted over ctf.nullcon.net. This time I participated in the web challenges and got up to web400. For …

A Simple CTF walk-through( Hack.me )

eLearnSecurity hosts a sandbox website named "Hack.me". This website is a great playground to sharpen skills in web application security. I tried a few of their sandbox challenges and felt this simple CTF was quite cleverly built. It helped me speed up on simple PHP concepts. I'm going to start with the walkthrough for this challenge; I strongly suggest …

5 point Preparatory for OSCP

Ever since the start of my career, one of my personal goals has been to secure the "OSCP" - Offensive Security Certified Professional. It has always been considered the de facto "Ethical Hacker" course and certification... Why? There has never been anything like this course. It provides one of the most realistic labs and an exam that challenges a student …