all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Machine 1 : PyExp Walkthrough

Add to bookmarks
Feb. 28, 2024, 11:50 a.m. | Indranil

System Weakness - Medium systemweakness.com

PyExp CTF Walkthrough

PyExp | Level: Easy | Linux | Python

Machine URL —https://portal.offsec.com/labs/play

Machine IP — 192.168.172.118

Steps to Solve the machine:-

Enumeration

  1. Use nmap to enumerate the target
nmap -sC -sV -T4 -p- $ipTarget Enumeration using nmap

2. Bruteforce the mysql service to gather the login credentials.

# hydra -l root -P /usr/share/wordlists/rockyou.txt $ip mysql

Credentials found: username — root | Password — prettywoman

3. Login to mysql using the harvested credentials

mysql -u root -p -h …

linux oscp-preparation provinggrounds

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 3 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 3 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 3 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 1 day ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 1 day ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 1 day, 22 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 1 day, 22 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 1 day, 22 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 1 day, 22 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs