Main Page

From aldeid
Jump to navigation Jump to search

Pentesting   •    Web Exploitation   •    Cryptography   •    Forensics   •    Reversing   •    Binary Exploitation   •    CTF

email twitter github RSS


Vulnhub > Cherry 1

Tue, 22 Sep 2020 18:21:00 +0000

Easy challenge involving web enumeration, source code disclosure vulnerability, and privilege escalation.

Read more


Vulnhub > Chili 1

Sun, 20 Sep 2020 18:21:00 +0000

Brute force an FTP account and add a privileged account in a world-writable "/etc/passwd" file to get the root flag.

Read more


HackTheBox > Machines > OpenKeyS

Sat, 19 Sep 2020 21:13:00 +0000

Exploit an authentication bypass vulnerability and the CVE-2019-19520 vulnerability to get the user and root flags on an OpenBSD target.

Read more


TryHackMe > Jacob the Boss

Sat, 19 Sep 2020 08:17:00 +0000

Easy challenge around the discovery and exploitation of JBOSS vulnerabilities.

Read more


HackTheBox > Machines > Tabby

Thu, 17 Sep 2020 20:08:00 +0000

Easy difficulty challenge combining several interesting techniques enumeration, local file inclusion, password protected archive, upload of a reverse shell in the Tomcat manager, privilege escalation via custom image to exploit the lxd container.

Read more


HackTheBox > Machines > Cache

Thu, 17 Sep 2020 06:45:00 +0000

Medium difficulty challenge where you'll need to dicover hidden locations to discover credentials, reveal hidden virtual hosts, exploit a vulnerable application with SQL injection, find a remote execution exploit, exploit memcached and docker. A lot of content to learn!

Read more


HackTheBox > Machines > Admirer

Sat, 12 Sep 2020 14:14:00 +0000

Enumerate the machine and discover a vulnerable adminer application. Exploit it to get an initial shell. Hook a python library to elevate your privileges and get a root access.

Read more


HackTheBox > Machines > Blunder

Tue, 8 Sep 2020 21:00:00 +0000

Interesting challenge, with a CMS that I was not aware of: Bludit CMS.

Read more


TryHackMe, Jeff

Sun, 6 Sep 2020 22:00:00 +0000

This is the hardest TryHackMe challenge that I've done so far, but also the most interesting one. You'll need to go through many steps before accessing the user flag. It combines hidden locations, virtual hosts, password protected backup files, Wordpress enumeration, docker evasion, restricted bash evasion, and much more. Very nice challenge!

Read more


TryHackMe, Mindgames

Fri, 4 Sep 2020 21:03:00 +0000

The user flag is quite easy to get, but the root flag requires a privilege escalation that is a bit challenging. You'll need to exploit the capabilities of openssl and compile your own *.so library.

Read more

Older entries »