In this machine we were able to discover that default credentials are bad. We also learned about burpsuite and how effective it is against web application pentesting. we were able to intercept traffic, decode base64, perform a brute force attack. Also we did a similar function with uploading a file to a server and downloading it as we did in the Devel box.
eJPT | Sec+ | Cyber Security Enthusiast. I plan on obtaining the ecpptv2 and OSCP in 2021. Just documenting my experience of becoming a pentester along the way.