Posts

TryHackMe - Overpass

Image
   Overpass Hello guys, welcome    back again! with another walkthrough this time   we're moving through a box called "overpass" from TryHackMe . Come on guys, let's move to the TryHackme website, login with your  credentials then go to the learn option there search for "Overpass" select it and join the room. Before starting the machine you need to establish a connection with TryHackMe server using an openvpn. For that you click on  the profile avatar ➡ Access  ➡  Download my configuration file. Next you need to open your terminal and run these cmds: ➡ ls ➡ cd Downloads ➡ ls ➡ sudo openvpn (filename) Now our ovpn connected successfully. Go back to THM website and select ' start machine ', you will get an IP copy that IP and open new terminal switch to root user by using cmd: sudo su. Scanning & Enumeration:    ➡ ping 10.10.137.248     ➡  nmap -A  10.10.137.248 After aggressive scanning we get that, port 22 ...

MATRIX

Image
 Hello , welcome all, we are here for a walkthrough on matrix machine. Lets roll on and capture the flag.  Summary of the steps The summary of the steps involved in solving this CTF is given below.    1, Identifying target host by using the Nmap utility    2, Scanning open ports by using the Nmap scanner    3, Learning more about the target system with HTML comments    4, Identifying and downloading hidden files    5, Generating a password list with wordlist    6, Brute-forcing with Hydra    7, Logging in and bypassing Rbash shell    8, Taking root access    9, Reading flag file Step-1 * First open terminal and run  "ifconfig"  command, copy the IP and move to next step Step-2 switch to root user by running "sudo su" command * Take IP and scan using Nmap run;    ⇒  nmap -sn IP.0/24 * For aggressive scanning run;  ⇒ nmap -A -v IP Step-3 * Copy that IP and sear...

SIDE-CHANNEL ATTACK (SCA)

Image
  Imagine that a robber wants to break into your house, not necessarily he has to break the lock and come inside. he may break the hinges of the door and break-in. Like this attackers use a similar concept to break a cryptosystem through side-Channel attack. Come on let's go through the topic Side-Channel Attack  what is a side-channel attack ? Introduction   A side-channel attack (SCA) is a security exploit that attempts to extract secrets from a chip or a system by measuring or analyzing various parameters. Such as: timing information, power consumption, electromagnetic leaks Or we can say that   "side-channel attacks are based on side-channel information" A side-channel attack may also be referred to as a sidebar attack or an implementation attack. These attacks pose a serious threat to modules that integrate cryptographic system. How does a SCA work? * A side-channel attack doesn't target a program or its code directly. *  It attempts to gathe...