Cracking the passwords from the shadow and passwd files.

So you’ve managed to get root on a linux virtual machine, congrats! However this isn’t where the fun stops. From here you can access the files containing the usernames and their hashed passwords. These files are known as the passwd and shadow files. They can be combined into one file using the unshadow tool so […]

Login to ftp

So you have run an Nmap scan and you have open port 21 that has been identified as being ftp. What next? Run the NMap scan using the -A flag. This will tell you if the ftp allows anonymous login. The very simplest command you can enter at the prompt is: ftp Replace the […]

Finding the IP address of a Vulnerable Machine

So you’ve got your lab setup and you’ve been over to and you’ve downloaded a vulnerable virtual machine such as Kioptrix 1.1. You have managed to install the VM into your favourite hypervisor such as Virtual Box or VMWare and get it booted. You are presented at this stage with a login screen for […]

Finding hidden web pages

So you have booted up your vulnerable VM, found the IP address and run NMap to find the open services and ports. You have found a web server running on port 80 (http) or 443 (https). You load the IP address or domain in your browser but all you find are some default webserver pages […]

Pen Testing For Beginners

I started my journey to become a pen tester about a year ago. I began working in IT as a software tester about two years ago. Prior to this I was a special needs teacher for 17 years with a specialism in science. I know. What the hell am I doing? Well I actually really […]