100 Days of Hacking — Day 5
Objectives of day 5 :
- Learning Networking basics — TCP/IP stack
- Try out a tyhackme room
- watch and learn basic buffer overflow for ctfs on live overflow
Reports of day 5 :
I started the day by signing up for pwnable.kr and started doing the beginner problems of analyzing binary files. I have a piece of good knowledge in c but when it comes to assembly-level languages brain : *beep boop*. I solved up to the flag challenge and after that i became tired and fumes came outta my brain after years (it’s finally working it seems)
The tryhackme room I tried was an awesome one. it’s easyctf. Simple enumeration basics and to enhance privilege escalation vector finding skills. A thread I found online that showcases privilege escalation checklist and imma giving a basic summary about it (link)
- Check if we are in the sudoer list using (sudo -l)
- If yes then kaboom if no check suid for interesting binary files that the user have permission (interesting in the sense like doas, vim,nc, etc) using this command :
find / -user root -perm -4000 -print 2>/dev/null
3. look for interesting files like .sqldumb,bash_history , .ssh , .backup files
4. See the process that is running currently it may lead to some interesting findings using the “ps” command
here you go with just these you can complete simple CTF enumeration challenges (baby and easy challenges)
So after completing this i learnt how to use immunity debugger for solving reverse and binary exploitation problems.
sbin/shutdown(day5)
