This is a walkthrough of the Lame machine from HackTheBox. Folder Setup and Nmap Scan Results of the Nmap Scan Anonymous FTP Access Anonymous FTP is enabled. Use anonymous as the username when prompted. Simply press ‘Enter’ when prompted for the password without typing anything. Found nothing interesting. Type ‘exit’ to quit the FTP session. […]
Beyond Dumb Shells: Mastering Reverse Shell Stabilization
Every pentester knows that exhilarating moment when they catch a reverse shell—only to lose it seconds later by pressing “Ctrl-C” out of habit. A fragile, one-time shell is a problem, especially when certain commands require a fully interactive terminal. In this post, we’ll go beyond the usual fixes and explore powerful methods—some well-known, some lesser-known—to […]
Nmap Cheat Sheet: Essential Scans for Ethical Hackers
Introduction In the vast expanse of the digital world, where every packet tells a story, Nmap is the hacker’s reconnaissance tool of choice. Whether mapping networks, identifying vulnerabilities, or conducting stealth scans, Nmap is a must-have for ethical hackers and security pros alike. This cheat sheet covers the most effective Nmap commands for network discovery, […]
Gobuster: Brute-Forcing Directories Like a Pro
Gobuster is a powerful tool designed for web application penetration testing, specifically for directory and file brute-forcing. Key Takeaways Gobuster is a directory brute-forcing tool used for finding hidden web resources… Setting up Gobuster involves installing the tool, specifying the target URL… Choosing the right wordlist is crucial for maximizing discovery… Setting Up Gobuster for […]
Path Traversal to RCE: Bug Bounty Write-Up POC
Path Traversal to RCE: Bug Bounty Write-Up POC Path Traversal to RCE: Bug Bounty Write-Up POC Introduction Bug bounty hunting is all about persistence and creativity. This write-up documents my approach to a CTF lab that simulates a real-world vulnerability, inspired by this $40,000 bounty write-up by Abdullah Nawaf and Orwa Atyat. In this challenge, […]