Hey, KEEP CALM and hack away…
Lab Intro You have been engaged in a Black-box Penetration Test (172.16.37.0/24 range). Your goal is to read the flag file on each machine. On some of them, you will be required to exploit a remote code execution vulnerability in order to read the flag. Some machines are exploitable instantly but some might require exploiting…
Lab Intro You have been engaged in a Black-box Penetration Test (172.16.64.0/24 range). Your goal is to read the flag file on each machine. On some of them, you will be required to exploit a remote code execution vulnerability in order to read the flag. Some machines are exploitable instantly but some might require exploiting…
Lab Intro You have been engaged in a Black-box Penetration Test (172.16.64.0/24 range). Your goal is to read the flag file on each machine. On some of them, you will be required to exploit a remote code execution vulnerability in order to read the flag. Some machines are exploitable instantly but some might require exploiting…
Lab Intro In this lab, you will have to use Metasploit and meterpreter against a real machine; this will help you become familiar with the Metasploit framework and its features. Solution I’m now in a 192.168.99.0/24 network. One host is alive. Finger-print the host with nmap. nmap -sC -sV -v 192.168.99.12 A lot of results….
Lab Intro In this lab you are connected to a switched network. Try to intercept network traffic and steal telnet credentials by performing an ARP poisoning attack. Identify the telnet server and the client machine Intercept traffic between the two Analyze the traffic and steal valid credentials Login into the telnet server Solution I’m in…
Lab Intro In this lab you can practice different techniques and tools against a machine vulnerable to null session! The final goal of the lab is retrieve information from the target machine such as shares, users, groups and so on! Moreover by navigating the remote machine, you should be able to find a file name…
Lab Intro The lab is divided in two main parts: Network authentication cracking Bruteforce and password cracking In the first part of the lab you will have to use different network authentication cracking techniques and tools against services available on the target machine. Once valid credentials have been found, it is time to download the…
Lab Intro In this lab you can practice the SQL Injection techniques and tools studied during the course. You can access the target web application at the following address 10.124.211.96. The goal of this lab is to test the web application in order to find all the vulnerable injection points. Once you find them, you…
Lab Intro A local police department has hired you to pentest their website. They had a new website created by a web development company and they want to make sure that everything is secure and in order. In this lab you will practice with Burp Suite, configuring the scope of the engagement, intercepting the communications…
Lab Intro This lab focuses on how to use burp suite. A client provides you with a URL to a web application running on a remote server. The client wants to know if there are any sensitive resources exposed. Use Burp Suite to identify if a sensitive resource was left unprotected by developers. Intranet Subnet:…