This is a writeup of Bob machine,found on Vulnhub’s platform.The production credits go to c0rruptedb1t.
You can get the machine from here-https://download.vulnhub.com/bob/Bob_v1.0.1.ova
Let’s start off,by using ‘netdiscover’ command, to find the victim machine’s IP
Conduct the Nmap scan, with stealth and verbose switches enabled. We get,
Any startup or company dealing in the field of Cyber Security, need to have their basics right. Knowing how to deal with a given problem, suggesting a suitable solution, and getting the problem solved, with satisfaction is what one yearns for.
At Sennovate, the employees strive for the same, through their services and operations, that they offer.
About the Company:-
Sennovate is a multi-national organization, that primarily deals with solutions to cybersecurity problems. Be it malware or widespread botnet attack, they’ve got you covered.
Co-founded in the year of 2007, by Senthil Palaniappan and Sam Muthu, the organization embraces…
This is my technical writeup, covering Vulnhub’s Tr0ll box, which is pretty good for beginners, starting their foray into pentesting.
For those unfamiliar with Vulnhub, it is a platform, which provides vulnerable boxes, which can be practiced on, to gain experience in Ethical Hacking. The outcome is to capture the flag, indicating successful penetration/dominance over a machine.
I honestly had a good time playing around with the box. It taught me the importance of having good observational skills too.
NOTE:IP Address of the victim machine, will henceforth be referred to as IP Address.
You can download the machine’s zip file from here-https://download.vulnhub.com/lazysysadmin/Lazysysadmin.zip
Booting up our target machine and victim machine, we try to obtain the victim’s IP, using ‘netdiscover’ command, on our terminal
Running a Syn scan over the IP, we get
Since this was my first time laying a hand on a CTF box, I wasn’t exactly sure on what was lying ahead and what I could possibly encounter.
NOTE: Since IP Address of the box will be different for all, I will be stating it simply as IP Address, throughout the article
You can download the box’s zip file from here-http://ly0n.me/nullbyte/NullByte.ova.zip .Extract it and load up the .ova file onto VMware, which is recommended.
Your own Kali VM (attacker machine) and the box VM (victim machine) should simultaneously be running together, on VMware
The first aim…
The problem with programming in it’s initial phase was it’s inconvenience in not being able to collaborate with fellow programmers and bringing better logic and implementation to the fore.
Earlier ,software only required annual updates or quarterly maintenance to make sure software was running in the intended manner. Over time, customer demands changed, with software being required at every possible situation in life. Software needed to be maintained well, with no inconvenience caused to the customer, due to the software’s failures. …
The task of Threat Analysis ,documentation and identification, on multiple devices, connected on a network, is by means, very tiresome. Imagine threat analysts having to go through devices (IOT,BYOD) etc, which do not fit the security policies in place.
It requires extensive need of tools, frameworks, precautions, which can consume valuable time, while the threat actor manning those devices initiates an attack.
Security Information and Event Management (SIEM), is an application of Network Security, implemented on an organization’s connectivity framework, that provides real time threat alerts to threat analysts, when a suspicious device has connected to the organization’s…
Make of this, what you will
This is a deviation from the technical articles, I usually write, since I wanted to delve into something more mysterious and sinister. This mystery, like many other Internet mysteries have intrigued me and what interests me, is that it is a cold mystery and has not found closure yet.
Have you ever seen Facebook posts or Youtube comments, usually consisting of gibberish, with random words strung together? I am sure most of you have. Everyone merely brushes this off, as the work of an obscure bot, who tries to spam comments. …
Ever imagined being free from the constant fear of threats or malware, that could harm your device? Up to now, we never could have imagined being connected to a network, where everything relating to security, from top to bottom is decided by the authenticity of users. This idea introduces us to Zero Trust Network Access (ZTNA), one of the leading trends for Cyber Security, in 2021.
NOTE: Due to it’s sheer amount of occurrence, we will be depicting Zero Trust Network Access, by it’s acronym ZTNA from now on.
What do you mean by ZTNA?
It refers to a network…
In the real world ,there are many scams and too-good-to-be-true schemes that people fall for every other day. Citing examples such as unofficial Covid-19 donation collections and financial thefts. Occurrence of these have greatly grown, since the dawn of the pandemic ,aided by social media platforms. Gradually we can understand that the same applies for a network. Whether being asked to protect a network or configure the same ,there may be some loose ends that are not taken into much consideration ,which is then utilized by an attacker to target a network. …