Category

Technology

In this article, I’ll teach you how to build a web scraper using Python & BeautifulSoup. This idea was born of my efforts to scrape data from competitor sites for a new web-application that I’m building. A few months ago I started building a web application. A data-driven web application that collates and ranks products in an intuitive manner, with Search Engine optimization built-in. However, there are competitors that already exist that have ten of…

WPMUDev is a WordPress-focussed company. They do many things, plugins, hosting, but what stood out to me specifically was their managed hosting service. Okay, I’d first seen them advertised via WordPress plugins, Hummingbird for example, and then sought out better hosting. At the time, I was still using shared hosting. Moving from Hostgator to Bluehost, back to Hostgator’s “managed WordPress” service, all of which were sh*te. This was probably during periods 2014-2019~. Then in 2019,…

Blunder is a Linux-based CTF from HackTheBox. It entails hacking into a vulnerable web server. The server is hosting a CMS called Bludit, which we need to exploit after finding some potential users. Once we gain a foothold in the machine, we get a reverse shell, privesc to user and finally privesc to root. Enumeration: Nmap, Gobuster. Admin portal: http://10.10.10.191/admin/ Generic admin login portal. Uses Bludit: https://www.bludit.com/ Bludit has a GitHub repo with public code: https://github.com/bludit/bludit Login sends…

Jerry is a Windows-based CTF from HackTheBox. Initial Attempted to browse to host, but no response. Confirmed host is alive with ping.
kali@kali:~/Desktop/repos/ctf/hack-the-box/oopsie$ ping 10.10.10.95
PING 10.10.10.95 (10.10.10.95) 56(84) bytes of data.
64 bytes from 10.10.10.95: icmp_seq=1 ttl=127 time=7.04 ms
64 bytes from 10.10.10.95: icmp_seq=2 ttl=127 time=8.13 ms
64 bytes from 10.10.10.95: icmp_seq=3 ttl=127 time=7.99 ms
^C
--- 10.10.10.95 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2008ms…

Agent Sudo is a TryHackMe CTF. It involves some manual enumeration, FTP brute-forcing with Hydra, SSH, then privilege escalation with a sudo CVE vulnerability. Task 1 Deploy the machine; navigate to the host in your browser to reveal some text. Dear agents, Use your own codename as user-agent to access the site. From, Agent R Task 2 How many open ports are there? There are 3 ports shown in the nmap scan; SSH…

Game Zone is a CTF from TryHackMe, with a focus on using SQLMap to obtain a reverse shell, and then privilege escalation. [Task 1] Deploy the vulnerable machine This room will cover SQLi (exploiting this vulnerability manually and via SQLMap), cracking users' hashed passwords, using SSH tunnels to reveal a hidden service and using a Metasploit payload to gain root privileges. Deploy the machine and access its web server Deploy the VM, then navigate to the…