HackTheBox Hack The Box Business CTF 2021: BBQ Writeup of the fullpwn challenge called BBQ from HackTheBox Business CTF 2021
HackTheBox Hack The Box Business CTF 2021: Larablog Writeup of the web challenge called Emergency from HackTheBox Business CTF 2021
HackTheBox Hack The Box Business CTF 2021: Emergency Writeup of the web challenge called Emergency from HackTheBox Business CTF 2021
HackTheBox Hack The Box Business CTF 2021: NoteQL Writeup of the web challenge called NoteQL from HackTheBox Business CTF 2021
HackTheBox Hack The Box Business CTF 2021: Time Writeup of the web challenge called Time from HackTheBox Business CTF 2021
HackTheBox Hack The Box Business CTF 2021: discordvm Writeup of the misc challenge called discordvm from HackTheBox Business CTF 2021
HackTheBox Hack The Box: Breadcrumbs New weekly challenge that contains forging of Json Web Tokens, bruteforcing of session cookies, SQLi and more.
Red Team Discord DLL Hijacking By hijacking a DLL we can use Discord as a way of getting persistence on a compromised system. Nothing new but a fun experiment nonetheless.
CVE CVE-2020-27985 - Security Onion - Local Privilege Escalation Security Onion V2 (prior to v2.3.10) has an incorrect sudo configuration, which allows local users to obtain root access by editing and executing /home/USERNAME/SecurityOnion/setup/so-setup without supplying a password.
DIY Ho-Ho-Honeypot The holiday season is nearly upon us and it's time to get into the christmas spirit. And what better way to do exactly that than to combine a christmas tree with cyber security?
TryHackMe TryHackMe: Ra New weekly challenge on THM. This writeup covers CrackMapExec, Evil-WinRM, a new CVE in Spark and more.
TryHackMe TryHackMe: Wonderland New week, new challenge. This is my writeup of the Wonderland machine.
CVE CVE-2020-13448 - QuickBox - Authenticated RCE/Privilege Escalation QuickBox CE <= v2.5.5 and QuickBox Pro <= 2.1.8 are both affected by an authenticated remote code execution (RCE) and privilege escalation vulnerability. A low-privileged user can execute arbitary commands on the server with the privileges of the user running the web server...
HackTheBox Hack The Box: RedCross Info Name: RedCross IP Address: 10.10.10.113 Operating System: Linux Difficulty: 6.3/10 Base Points: 30 Enumeration As always we start with a nmap scan to determine which ports are
Vulnhub Vulnhub: DC-4 Info Name: DC-4 Operating System: Linux Url: http://www.five86.com/dc-4.html Release: 26 Mar 2019 Difficulty: Beginner/Intermediate Description: DC-4 is another purposely built vulnerable lab with the intent of gaining
Writeup Lin.Security Info Name: Lin.Security Operating System: Linux Url: https://in.security/lin-security-practise-your-linux-privilege-escalation-foo/ Release: 11 Jul 2018 Difficulty: ??? Description: We have configured the box to simulate real-world vulnerabilities (albeit on a single host) which
Vulnhub Vulnhub: DC-3 Info Name: DC-3 Operating System: Linux Url: http://www.five86.com/dc-3.html Release: 26 Mar 2019 Difficulty: Beginner Description: DC-3 is another purposely built vulnerable lab with the intent of gaining experience
Vulnhub Vulnhub: DC-2 Today we are solving DC-2. This machine is created by DCAU7 who also created DC-1. Even though the machine is for beginners I figured I could try and solve it anyway.
Vulnhub Vulnhub: RootThis 1 Info Name: RootThis: 1 Operating System: Linux Url: https://www.vulnhub.com/entry/rootthis-1,272/ Release: 5 Dec 2018 Difficulty: ??? Description: N/A Enumeration As usual, let's start with a nmap scan to
Vulnhub Vulnhub: unknowndevice64 Today we are solving "unknowndevice64" from Vulnhub - the most recent machine as of this writing.
Vulnhub Vulnhub: ch4inrulz: 1.0.1 This is a writeup of how I solved CH4INRULZ. We go from a local file inclusion vulnerability, to bypassing an image upload, to RCE and finally a privilege escalation using DirtyCow. Let's go!
Vulnhub Vulnhub: digitalworld.local: MERCY v2 From the author of the machine: MERCY is a machine dedicated to Offensive Security for the PWK course, and to a great friend of mine who was there to share my sufferance with me. :-) This is my writeup of this machine.
Vulnhub Vulnhub: Casino Royale 1 This is a writeup of the recently released Casino Royale: 1 machine from Vulnhub