Hello, this is my walkthrough of Cyborg challenge from https://tryhackme.com

Nmap scan :
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 db:b2:70:f3:07:ac:32:00:3f:81:b8:d0:3a:89:f3:65 (RSA)
| 256 68:e6:85:2f:69:65:5b:e7:c6:31:2c:8e:41:67:d7:ba (ECDSA)
|_ 256 56:2c:79:92:ca:23:c3:91:49:35:fa:dd:69:7c:ca:ab (ED25519)
80/tcp open http Apache httpd 2.4.18 ((Ubuntu))
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Apache2 Ubuntu Default Page: It works
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

So we have 2 open ports ! and nothing special, lets check web page!

Hello homies this is Fahd Abida from Crisis Team and here is the solution to a challenge we played me and my friend Jakoom lately

We had to solve the challenge twice because the first time there was a bug that gave us a simple way to exploit the target, then the second time after the patch!

Hello guys, this is Eddie_Mora from CRISIS Team, In this article, I will give a write up about a Web challenge I solved when playing Cyberyoddha CTF

The CTF was for newbies so all challenges were so easy but I will explain one about SQL injection!

The Challenge was named “Data Store 2” with 225 points!

The objective was to bypass this login panel, so the first thing to do us to check the source page but nothing interesting…

Then let's analyse the behaviours of the log-in function with Burpsuit Tool

So basically when using random credentials it gives “Ivalide…

Hello Hackers, today I will tell you how I was able to hack into the Phpmyadmin panel of a target and read all databases content

The story started when I wanted to thanks my teacher for all the knowledge he gave me during my 3 years of studies in the university of computer science, so I decided to offer a free pentest service to the University(Web app testing)

So as always we have the main target ‘www.Target.com’, the first thing to do is to collect interesting information and subdomain enumeration! I used ‘dnsdumpster.com’ for subdomains but unfortunately, I found nothing…

So the first step was to check the link of the challenge: http://192.171.20.103/Challenge1/

As you can see a simple page with some images from HxH anime, let's check the source code of the page!

Nothing interesting but this comment :

Hello community, today it's time to show you a sweet side from the hacking world, which is items collection.

So whats items collection mean in the infosec world?

Actually as in normal life, you may know a person or a group of people obsessed with collecting rare and valuable things that may don't exist anymore.

Then in this article, I will show the kind of items you can collect as a hacker, I may lose this item after this article because it seems illegal in a way, and it can be used to do malicious actions, anyway its 2020 and…

Sadeem سديم is The largest competition for influencers in the Arab world!

I wanted to vote for one of the participants, and I said why not find a way to vote more than once?
And this is how I did it:

This is the page where you can choose the person you wanna vote for!

This is a short story where I'm gonna show you the differences between real hackers and noobies.

It's about a website that my friend gave me to check, and guess what?
The website was like this!