Hacking Windows with Fake Captchas

Hacking Windows with Fake Captchas

In recent weeks, cybersecurity researchers at various companies spotted a new type of phishing attack involving those pesky re-captchas. Originally, reCAPTCHA is a security tool designed to differentiate between human users and automated bots on websites. However, hackers in the wild were using them to social engineer the victim and run malicious powershell scripts on the target systems. Let’s see

Hacking Windows with Fake Captchas Read More »

Vulnlab - Sync

Vulnlab – Sync

In this walk through, we will be going through the Sync room from Vulnlab. This room is rated as Easy on the platform and it consist of abuse of rsync service to download site.db database which reveals hash of user triss that have to be made compatible for cracking for hashcat. Cracking it reveals the

Vulnlab – Sync Read More »

Vulnab - Media

Vulnab – Media

In this walk through, we will be going through the Media room from Vulnlab. This room is rated as Medium on the platform and it consist of abusing of file upload functionality by creating documents to capture user NTLM hash, cracking it will give us initial access to the target. For Privilege Escalation, abuse of

Vulnab – Media Read More »

Vulnlab - Feedback

Vulnlab – Feedback

In this walk through, we will be going through the Feedback room from Vulnlab. This room is rated as Easy on the platform and it consist of exploitation of Log4shell vulnerability to get initial access on the target. For privilege escalation, used the admin password found in tomcat-users.xml file to get root. So, let’s get

Vulnlab – Feedback Read More »

Vulnlab - Data

Vulnlab – Data

In this walk through, we will be going through the Data room from Vulnlab. This room is rated as Easy on the platform and it consist of dumping of grafana DB using CVE-2021-43798 which reveals the hash password of user boris that have to crack using hashcat to get initial access on the target. For

Vulnlab – Data Read More »

Vulnlab - Breach

Vulnlab – Breach

In this walk through, we will be going through the Breach room from Vulnlab. This room is rated as Medium on the platform and it consist of capturing of a user NTLM hash by creating documents that a domain user will likely open in a SMB share. Using the captured credentials, performed Kerberoasting to get

Vulnlab – Breach Read More »

Vulnlab - Baby 2

Vulnlab – Baby 2

In this walk through, we will be going through the Baby 2 room from Vulnlab. This room is rated as Medium on the platform and it consist of exploitation via a powershell script in a SMB share to get initial access on the target. For Privilege Escalation, First Degree Group Membership abuse is required to

Vulnlab – Baby 2 Read More »

Vulnlab - Baby

Vulnlab – Baby

In this walk through, we will be going through the Baby room from Vulnlab. This room is rated as Easy on the platform and it consist of extensive LDAP Enumeration to get potential password. Spraying of it reveals STATUS_PASSWORD_MUST_CHANGE error which have to be abused to get initial foothold. For Privilege Escalation, abuse of SeBackupPrivilege

Vulnlab – Baby Read More »

Scroll to Top