Stack Zero – Protostar

In this series we’re going to solve protostar challenges from exploit educationšŸŽ‰ After starting your protostar VM login with these creds user:user Challenge files are located at /opt/protostar Today we are going to solve stack0 It’s a 32 bit executable file and it’s not stripped. Here we can see the source code of stack0. Here […]


Nmap: Webpage: gobuster reveals two directories /main and /testing While looking the config files, I got some creds There’s a login page let’s try these creds there Use the default username of wordpress “administrator” Here we can upload plugin I’m not going to do this manually, let me try a metasploit module Exploitation part: Exploit […]


Always we start with nmap right? Ever thought how to speed the scan? Here I made a small script to do it You can download it here –> HTBS See how it works –> Explanation Let’s check webserver Quickly search exploits for this Let’s look that medium article Ok there’s a payload let’s try that […]