This Null Puliya session would walkthru the steps below which could be followed to find vulnerabilities, exploit these vulnerabilities and finally achieve system/ root.

Generally, we go through the following stages when solving a vulnerable machine:

  • Finding the IP address
  • Port Scanning
  • Rabbit Holes?
  • From Nothing to a Unprivileged Shell
  • Unprivileged Shell to Privileged Shell In this session, we will walk-thru, what can be done in each separate stage. Will provide Tips and Tricks for solving vulnerable VMs. Additionally Infrastructure PenTest Series : Part 2 - Vulnerability Analysis could be referred for exploitation of any particular services (i.e. it provides information such as “If you have identified service X (like ssh, Apache tomcat, JBoss, iscsi etc.), how they can be exploited”).

- Laptop with Virtual box and a vulnerable Machine (Any)
- Would suggest to have the vulnerable machine running on Host Only Interface, so that we can directly start.


Vijay Kumar


Starts at Saturday April 28 2018, 10:10 AM. The sessions runs for about 6 hours.