Security Research

Labs & Writeups

HackTheBox

Machines Name: Legacy

Easy

Objective

Gain root privileges on a Windows machine by exploiting a vulnerability in the SMB protocol.

Tools Used

Nmap Metasploit Searchsploit

High-Level Steps

  1. Reconnaissance using Nmap to identify open SMB ports (445).
  2. Identified the target is vulnerable to MS08-067 (NetAPI).
  3. Configured and launched the exploit using Metasploit Framework.
  4. Obtained a meterpreter shell with system privileges.

Key Learning

"Older windows systems are often vulnerable to classic SMB exploits. Always patch legacy systems."

Read Full Writeup →
TryHackMe

Room: Burp Suite Basics

Fundamental

Objective

Learn the core features of Burp Suite for web application security testing.

Tools Used

Burp Suite Proxy FoxyProxy Repeater

High-Level Steps

  1. Configured browser proxy settings to intercept traffic.
  2. Captured HTTP requests and modified parameters in Repeater.
  3. Used Intruder to brute-force a login form.
Read Full Writeup →