How I got my first bounty. (Open Redirect)
Pinned. Published in InfoSec Write-ups. Oct 12, 2020
On September 16, I was searching for a bug in a certain website, let’s call it “buggyweb.com”. I was clicking and visiting every link…

Linux Privilege Escalation Part 1
Oct 16, 2022
After we gain an initial foothold on the machine, the next step is to escalate the privilege of that machine. So in this writeup, we will…

Stabilizing Netcat Shell
Aug 22, 2022
The basic Netcat shell has some limitations, like we cannot use “Up arrow/Down arrow” to scroll through previous commands, cannot use the…

2FA Misconfiguration leads to adding any number as 2FA verification
Published in Techiepedia. Feb 22, 2022
I was testing 2FA on a website. At first, I tried to bypass 2FA but I was not successful, then I thought of something else. What if I can…

[Metasploit] Upgrade Normal Shell To Meterpreter Shell
Published in InfoSec Write-ups. Sep 16, 2021
After we got access to the machine, sometimes we get Meterpreter Shell immediately after exploitation. Meterpreter Shell offers the easiest…

TryHackMe: Bolt walkthrough
Jul 29, 2021
Hello People, in this write-up I have covered a walkthrough for the TryHackMe box called “Bolt”. So let’s get started. Link…

How the simple flaw leads to leakage of all questions on the school examination website.
Published in Techiepedia. Jul 15, 2021
After Covid blew up, everything moved online. Schools started to teach their students online and even decided to take exams online…

Tryhackme- ‘Lazy Admin’ walkthrough
Published in Techiepedia. Jun 24, 2021
Hello People, in this write-up I have covered a walkthrough for the TryHackMe box called Lazy Admin. So let’s get started.

File Upload Leads to Stored XSS
Apr 5, 2021
A while ago I wrote a post on “Unrestricted File Upload”; by exploiting that bug I was able to upload any extension file, even…

Unrestricted File Upload
Jan 12, 2021
I was testing on a website, let’s call it “buggyweb.xyz”. After some time I found that there was a discussion forum whose URL was something…