HackTheBox Haystack

‘Haystack’ is rated as an easy machine on HackTheBox. USER Running nmap on the machine showed that only a few ports were open, with http running on both port 80 and 9200. Visiting port 80 revealed a very simple page with an image and nothing else. Gobuster didn’t reveal any other endpoints on this port, …

HackTheBox Haystack Read More »

HackTheBox Writeup

‘Writeup’ is rated as an easy machine on HackTheBox. User As always, I started with an nmap scan which revealed two ports open, port 22 (SSH) and port 80 (HTTP). Visiting port 80 showed a very simple page and nothing else. No links, nothing. Well, except for a warning that I’d be banned if I …

HackTheBox Writeup Read More »

OWASP Juice Shop Cracking

Today I’m going to write how to get the answers to the security answers for the lost password functionality in OWASP Juice Shop. While there’s no achievement for this, it is a very good exercise that teaches both SQL injection, code diving and cracking. In order to reset a user’s password, 2 things are required: …

OWASP Juice Shop Cracking Read More »

OWASP Juice Shop SQLi

The OWASP Juice Shop is a vulnerable web application to train web application hacking on, much like OWASP WebGoat which I’ve already covered on this blog. Without spoiling too much, the login form is vulnerable to SQL injection, and it is possible to dump the database from here. I’ll cover the detection of the vulnerability …

OWASP Juice Shop SQLi Read More »

50m CTF write-up

On the 26th of February HackerOne announced ‘the biggest, the baddest, the warmest’ CTF, with an incredible price of 10.000 US$. Being a beginner hacker my first reaction was: ‘with that kind of price, I’ve no chance in hell to solve it!’. However, since I love playing CTFs I took a shot anyway. This is …

50m CTF write-up Read More »

Caesar ciphers in Python

One of the simplest ciphers is the Caesar cipher, also called the shift cipher. It works by shifting each letter in the alphabet n positions to the right, mapping it to a different letter. For example, using ‘rotation 13’, a is shifted 13 positions to the right, corresponding to the letter n. What happens to …

Caesar ciphers in Python Read More »

OWASP WebGoat XXE

The WebGoat XXE (XML External Entity) section has 3 exercises. The first 2 are pretty easy, the last one quite difficult. So without further ado, let’s get to it! Exercise 3 In this exercise you are asked to list the contents of the root file system directly in a comment using XXE. For this, you …

OWASP WebGoat XXE Read More »

OWASP WebGoat SQL advanced lesson 5

Last week I wrote about the OWASP WebGoat XSS lessons. Today I’d like to write a few pointers on how to solve the SQL injection (advanced) lesson 5. The goal is simple: you are presented with a login box and given a username; log in as that user. The usual username’ OR ‘1’=’1 — unfortunately doesn’t …

OWASP WebGoat SQL advanced lesson 5 Read More »

OWASP WebGoat XSS lessons

I recently installed WebGoat, a deliberately vulnerable web app with built-in lessons. While some of the lessons are very easy, they quickly rise to a much higher difficulty. Even though the app does explain the basic concepts, the explanations are nowhere good enough to solve the exercises provided. In this post I’ll focus on the Cross-Site …

OWASP WebGoat XSS lessons Read More »