Less hacking more learning

I’ve had more and more work for my class now and less time for HTB and studying. This just means I’ll take a bit longer between posts. The results The poll on my twitter feed kind of revealed what I had initially thought. There were 154 total votes and a lot of comments, thanks for […]

First elevated privelages!

Last time, on noob tries to hack… So I’m sitting there, excited I popped the shell (even though it was super easy) and I actually said out loud ‘now what?’. What do I do from here? So far I’ve studied vulnerabilities in sql and php, but haven’t really looked at exploits. I went to g0tmi1k’s […]

Even more SQL Injection (this time i get an admin password) part 2

To recap, in part one I went over getting setup, discovering the vm, finding open ports, playing with the website, and how to use order by to find out how many columns are in a SQL table.  Now I will continue to enumerate the table by exploring rows. Go to 192.168.120.134/cat.php?id=1 union select 1,2,3,4 This […]

Even more SQL Injection (this time i get an admin password) part 1

So I’ve been tinkering with SQL Injection for a while, trying to learn the ins and outs and the basics. I’ve previously posted on how to get bypass username and password in vulnerable forms, but this post will cover how to enumerate a vulnerable database and find the stored username/password. This lab comes from PentesterLabs, […]

An attempt on SQL injection

I’ve been trying to get into a box on @PracticalPentestLab using SQL injection.  When you are trying SQL injection, you need to think about the statement you are injecting into.  On basic forms, there is a username and a password spot awaiting user input.  The statement asking for this info from the user on the simpler […]

%d bloggers like this: