Showing posts from June, 2015

De-Ice 1.20b Walkthrough

Well 15 days back I have written Walk-through of De-Ice 1.120a On My Blog. I got great response by vulnhub and they published my walk-through,152/
With a such a warm encouragement I feel like writing more walk-through.

Here Is my walk-through on De-Ice 1.20b. You can download the VM and get more info about it form here.

Note: The attacker machine and the VM should be in the subnet of

Labsetup:  1 - Open Vmware - > Edit - >"Virtual Network Editor"
2 - Click on "Add Network" and add any 1 Network example VMnet2
3 - Select VMnet2 and change Subnet IP - and Subnet mask - also select "Host - Only"
4 - Now add this adapter VMnet2 for both the machine.

When you start the VM it looks something like this.

De-Ice 1.120a Walkthrough

Few days back my friend Chetan told to get hands on De Ice and Kioptrix series before taking PWK labs.The very next weekend I started with De-Ice . As my bridge network was on 192.168.1.x series I thought of doing De-Ice 1.120a just by bridging the VM. One of the awesome URL that I found today was .
Enumeration:I started with nmap as usual to find all the open ports. I usually use version detection and aggressive scan in nmap.

Underdist 3 Vulnerable VM Walkthrough

1) Initially I tried nmap to discover the open ports shown below.

Directory traversal cheat sheet

Step 1: Intercept the request where you would like to test directory traversal and file inclusion as shown below: