DNS Enumeration, Enumeration of common services

Domain takeover

Domain takeover means registering a non-existent domain name to gain control of another domain. If attackers find an expired domain (here’s how to find them [8 – Finding Expired Domains]), they can hijack that domain to carry out other attacks, such as hosting malicious content on a website or sending a phishing email using the […]

Enumeration of common services

Brute Force Attacks Subdomains

See the subdomains part of [[2 – DNS Server Enumeration Port 53]]. Tools: There are several tools available that excel at brute-force enumeration. Tool / Description: dnsenum: Comprehensive DNS enumeration tool that supports dictionary and brute-force attacks to discover subdomains. fierce: Easy-to-use tool for recursive subdomain discovery, with wildcard detection and a user-friendly interface. dnsrecon: Versatile tool

linux tools, tools

Jar Files

If we have Java files, such as BlockyCore.class from the Blocky machine (see Blocky Writeup), we need to decompile them to see the content. To do this, we can run wget https://www.benf.org/other/cfr/cfr-0.152.jar and then java -jar cfr-0.152.jar BlockyCore.class, and we see the contents. We can also decompile them recursively. So java -jar

linux writeups, Writeups

Blocky Writeup

📝 Writing – Blocky Linux 🧪Procedure 1 -> To keep everything organized, the first thing you should always do is create a folder in your work environment with the name of the machine. Once you’ve created it, go to the folder and run the [[mkt]] command. Now we check the connection to the victim machine.

DNS Enumeration, Enumeration of common services

Dig DNS Commands

The dig command (Domain Information Groper) is a versatile and powerful utility for querying DNS servers and retrieving various types of DNS records. Its flexibility and detailed, customizable output make it an ideal choice. Common dig Commands Domain Description dig domain.com Performs a default A record lookup for the domain. dig domain.com A Retrieves the

linux writeups, suid, tools, Writeups

Venom Writeup

This time we have the writeup of the Vulhub Venom machine. Initial Reconnaissance in the Writeup We see that we have the IP 192.168.1.225 Now we run a trace to see if we have a connection to the machine. We see that we have a connection and the “ttl=64” attribute, meaning we are dealing with

suid

SUID Privileges

What are SUID privileges? A SUID (Set User ID) privilege is a special permission that can be set on a binary file on Unix/Linux systems. This permission gives the user executing the file the same privileges as the file’s owner. For example, if a binary file has SUID permission set and is owned by the

DNS Enumeration, Enumeration of common services

1 – DNS Configurations

Default Configuration All DNS servers work with three different types of configuration files: 1. Local DNS configuration files 2. Zone files 3. Reverse name resolution files DNS Server [Bind9](https://www.isc.org/bind/) It is widely used in Linux-based distributions. Its local configuration file (named.conf) is divided into two parts: 1 – The options section for general configuration 2
