Fork me on GitHub

Pinky's Palace v1 Walkthrough

pinky's palace
WARNING: There will be spoilers to Pinky's Palace v1 VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.
General disclaimer: I am by no means an expert penetration tester nor do I have a lot of experience doing penetration testing. This walkthrough is from the perspective of an amateur whom is trying to become better. The goal is for me to eventially take the OCSP. That being said, I had a bit of help from some colleagues from my company getting started but they by no means gave me the answers. I will be posting some of my hardships from a beginner perspective.

Wire App: Bot Service Registration

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/services

When crafting your API call to register a new bot service, you should be using the POST method. This is not to be confused with registering a provider.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

Wire App: Bot Authentication

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/login

When crafting your API call to register a new bot provider, you should be using the POST method.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

{"email": "The email you registered the provider with", "password": "The password you received after registering as a bot provider"}

I used Postman, a piece of software, that makes API development easier. It can be obtained here: https://www.getpostman.com/

If you prefer to use cURL, the command would be as follows:

Wire App: Bot Provider Registration

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/register

When crafting your API call to register a new bot provider, you should be using the POST method.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

{"name": "Name of the Bot", "email": "Email to register the bot under", "url": "enter your website or just use https://","description": "Description about your bot"}

Once you submit your API call, check your email for a registration verification link. 

I used Postman, a piece of software, that makes API development easier. It can be obtained here: https://www.getpostman.com/

Wire App:Bot SDK API Calls

These are the API calls I've found which are required to register a new bot for the Wire secure messaging application:

Bot API Calls

Bot/Account Provider Registration: https://prod-nginz-https.wire.com/provider/register
Bot Authentication: https://prod-nginz-https.wire.com/provider/login
Bot Service Registration: https://prod-nginz-https.wire.com/providers/services

Brisingr: Fortnite Tracker

I wanted to add a new module into Brisingr for anyone that wanted to pull their Fortnite stats. Started off with some Google searches to see if there was anything out there for an official API or one to call. I found an API through the Tracker Network, however, it appeared to be broken based on the API call responses I received.

There had to be some where where the Tracker Network was getting their stats from and I went search further.

I found in the Fortnite logs the following URLs which I have labeled as to what they appear to call and respond with data wise:

JIS-CTF Walkthrough

JIS-CTF
WARNING: There will be spoilers to obtaining the 5 keys on JIS-CTF VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.
General disclaimer: I am by no means an expert penetration tester nor do I have a lot of experience doing penetration testing. This walkthrough is from the perspective of an amateur whom is trying to become better. The goal is for me to eventially take the OCSP. That being said, I had a bit of help from some colleagues from my company getting started but they by no means gave me the answers. I will be posting some of my hardships from a beginner perspective.

Mr.Robot Walkthrough

WARNING: There will be spoilers to obtaining the 3 keys on Mr.Robot VM from Vulnhub. This is your warning! If you wish to penetration test this machine yourself, do not scroll down much further.
General disclaimer: I am by no means an expert penetration tester nor do I have a lot of experience doing penetration testing. This walkthrough is from the perspective of an amateur whom is trying to become better. The goal is for me to eventially take the OCSP. That being said, I had a bit of help from some colleagues from my company getting started but they by no means gave me the answers. I will be posting some of my hardships from a beginner perspective.

Brisingr: Version 2.0

Disclaimer: IRC League of Legends Bot isn’t endorsed by Riot Games and doesn’t reflect the views or opinions of Riot Games or anyone officially involved in producing or managing League of Legends. League of Legends and Riot Games are trademarks or registered trademarks of Riot Games, Inc. League of Legends © Riot Games, Inc.

There have been several versions that were updated before this release but not released for everyone else. Version 1.6, 1.7, and 1.9 were not publically released. In 2.0, a few modules were updated to fix some previously known bugs. All of the updates were done by SasCologne this time and are as follows:

Brisingr: Server Status Module

This module is useful for users to display the latest server issues regarding their region’s server for League of Legends.

It requires 2 libraries that should already have came with Python (urllib2 and json).

Syntax is pretty simple: !status [region] – it will display the English translation if there is one. It grabs the status directly from Riot’s site http://status.leagueoflegends.com. So whatever you see there is what the bot will pull (always grabs the latest update under Game Section)

This module will be included in version 1.2 of the bot when it is released as well.

Simply copy and paste the code below into a new file or download my copy which can be found below the code.