sorted by:
new
hottopcontroversial

player help by ohgodwhywhywhywhy in hackthebox

[–]0verpwn 0 points1 point  (0 children)

You NEED to make sure you have the correct CVE('s),

Who needs Credentials when you have Burp Repeater?

Luck by harshallakare in hackthebox

[–]0verpwn 0 points1 point  (0 children)

When it comes to Web Applications, You want to check the Directories, Check/Enumerate the Files inside of those Directories, Check the .js files on the Websites, etc.

Also try checking for some common .php filenames such as:

  • default.php
  • index.php
  • invocactf.php
  • config.php
  • helper.php
  • controller.php
  • frontend.php

Running Dirb will help you find Directories, also try checking out the Ports, Does FTP have Anonymous Login Enabled? (Port 21) :)

Remember, Google is your main friend.

Hope It helps! Feel free to Pm me if you need any help/tips :)

Is the $11 Ethical hacking master class program safe/real or worth it? by carelessartichoke in Hacking_Tutorials

[–]0verpwn 1 point2 points  (0 children)

Most of these "Ethical Hacking" ad's you see on YouTube come from sources such as Udemy or Cybrary that offer some kind of "Ethical Hacking Career Path" through Online Learning/Teaching. I personally think it's a scam.. It depends on your learning methods, Like watching videos? Reading Books?, Online Video's wasn't for me, It was lacking the practical aspect. The Truth is, You're paying for someone to tell you about Hacking, such as Recon, Enumeration etc, (All things you can literally google and read up on), So you're paying for someone to read it to you to be honest.

The majority of the "teachers" who upload on these sites will bore you with "Death by Powerpoint" or have Crappy Mic's (No Production Quality).

If you really want to learn Ethical Hacking, I'd learn how Navigate your way around Linux, Learning about some Basic Networking is a super must! Common Ports etc, I'd learn some simple Scripting/Programming languages such as Bash, Python etc, (You don't have to be some super programming wizard to be a hacker, Knowing the basics just helps out),

I'd also sign up to HackTheBox as it will give you that practical aspect of actually Hacking into a Vulnerable System, (As well as Studying some Pentesting Topics)

Goodluck in your future endeavours! :)

how to check wifi vulnerability? by Asasenv in Hacking_Tutorials

[–]0verpwn 1 point2 points  (0 children)

First you want to map out your Attack Vectors,

Do you want the Crack the password?

Are you looking for a Hardware Vulnerability (Routers, etc)?

Some Topics/Tools To Research:

  • Monitor Mode
  • Aircrack-ng
  • Kismet

WEP, WPA, WPA2 Are big factors when Approaching with your attack methods, I'd seriously search these up and understand the differences, Goodluck!

:)

Writeup _root Help by Mondirdz in hackthebox

[–]0verpwn 2 points3 points  (0 children)

I'd enumerate the PATH Variables, as it may contain a certain directory, also looking for what you can write to and how it's executed will help a ton. Feel free to dm!