1. Introduction to Mendix Mendix is a low-code application development platform that allows you to build web and mobile applications visually, with minimal manual coding. Since Mendix does not re...

Summary TraceBack is an easy difficulty machine with the theme of tracing hackers steps in the already compromised system. Initial foothold starts of by finding comment in the source code of web...

Summary Nmap revealed that there is Redis server running on port 6379, which allows connection without credentials. The fact that Redis service is unauthenticated means we can potentionally try ...

Summary By using anonymous login, I was able to access ftp server. There are several files listed there, so I downloaded them to my local machine for further inspection. Most interesting file is...

Summary Nmap revealed that server is vulnerable to Heartbleed. By exploiting this, I was able to retrieve memory leak which contained base64 encoded string that decodes to heartbleedbelievethehy...

Summary By brute-forcing directories on port 80 I discovered /admin directory. Accessing it revealed Pi-hole Version v3.1.4 application. Using dirsearch for /admin directory showed interesting f...

Summary Nmap revealed that port 161/udp is open. By using snmpbulkwalk, I found plain credentials for user daniel. These credentials are valid for SSH so I gained access as user daniel. Enumerat...

Summary After bypassing basic HTTP authentication on port 80, I discovered that Apache ActiveMQ is in use. Searching for Apache ActiveMQ vulnerabilities, I found exploit which allows RCE. Exploi...

Summary Inspecting website source code revealed interesting javascript file photobomb.js. This file contained plain text credentials which granted me access to /printer directory. Here can be fo...

Summary Using anonymous login to ftp server I got access to web root of IIS. It is possible to upload reverse shell via ftp and trigger it by accessing it on port 80. While enumerating system as...