After learning of the Kioptrix series, I've become curious as to what makes up the other boxes.  The next in the series, Kioptrix:  Level 1.1 (#2), is a Centos server with an injection point.  There are a two things I like about this box:

1.  With the typical path I'd normally take with sqlmap, I was unable to get anything of use from this box and I was forced to use manual knowledge of blind sql injection.

2.  This box is older and what ultimately got me to root was an exploit I haven't used which is something new to me that I will stuff away for possible later use.

Read more: Simple SQL Injection

This will sound like a walk-through for Kioptrix1 but it didn't start off that way.  While scanning a server, I saw the following:

+ mod_ssl/2.8.4 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell.

When you search for:  mod_ssl exploit

The first result is 764.c on Exploit-DB.  Out of the box, when you compile it, it throws a bunch of errors which sometimes means nothing but in this case, it didn't result in an exploitation.  I assumed this was due to the age of this exploit and when I went searching, I found a few articles on how to repair this exploit to make it work in the modern day.

Read more: mod_ssl Remote Buffer Overflow

For whatever reason, 2fa stops working correctly and you're faced with "The two factor authentication Secret Key is invalid."

mysql -u root -p
show databases;

Of the databases, you'll have to know which is your database.  Let's call it "joomla" for the sake of this post.

use joomla;
show tables;

Read more: Joomla: The two factor authentication Secret Key is invalid.

With most things technology, if you don't use it, you lose it.  I was once an MSSQL DBA but after taking and passing the certification, I never used it -- and then lost it.  I can hack my way around SQL but I wouldn't call myself a database administrator.  If you don't want to lose it, keep honing your skills, keep learning new things, and with pentesting, keep popping boxes.  You step away from it for just a short period of time and you're rusty.  

This is a skill I do not want to lose and that's why I find spare time to get after these boxes appearing on Vulnhub.  Practice, practice, practice!  

Read more: Vulnhub zico2: 1 Walkthrough

As you walk down the street, you approach a home with an ADT sign and you notice a pair of surveillance cameras.  As you pass the home, you also notice the doors, windows, and garage door are all closed, and a sign posted on the gate to the side yard reads:  "Beware of Dog". 

A few doors down, you pass another home without any visible signs for an alarm company and as far as you can tell, no surveillance cameras.  As you complete your pass of this second home, you notice the gate and garage door are both wide open.  In the garage, you can see three bicycles, a set of golf clubs, and a BMW with the driver side window rolled down. 

Read more: Low Hanging Fruit

I banged my head a bit on this one.  The low privilege shell was quick but the privilege escalation had me twisting for a while.  This box is definitely a mixture of standard exploitation with a CTF twist.  CTF is not really my thing but I enjoyed this box.  It was clever and there were some components to it that are truer to life than some of the boxes that don't seem to have a purpose other than being a target.  

Read more: Vulnhub Bob: 1.0.1 Walkthrough