Airplane from TryHackMe is an interesting box where we exploit a path traversal to read the cmdline of a process running on a non-standard port to find it’s gdb server, we exploit that to get...

Backdoor from HackTheBox starts with a directory traversal vulnerability we find on a wordpress plugin allowing us to read process’s cmdline and find gdbserver listening on a port, we upload ...

NanoCherryCTF from TryHackMe revolves around brute forcing and fuzzing web applications to gain foothold. then we exploit a cron job and extract and image from an audio file to get root. Enu...

Expose from TryHackMe starts with a login page vulnerable to sqli revealing secret pages where we can upload file. We bypass a local filter and upload a php reverse shell, once on the box we ...

Description: GreenHorn from HackTheBox start with finding the source code of an application in a Gitea instance. We retrieve the login password and exploit an RCE to get a foothold. We find ...

The Sticker Shop from TryHackMe is a simple web challenge where we exploit an XSS vulnerability to read the flag. Enumeration Web This is a web challenge and the website can be found on po...

Lookback from TryHackMe starts with a command injection on a website giving us foothold, then we exploit an RCE on MS exchange to get administrator. Enumeration nmap We start a nmap scan u...

Lookup from TryHackMe start with a credential brute force of a website, when the correct creds found we get redirected to a subdomain running an application vulnerable to command injection, w...

Whiterose from TryHackMe starts with a website vulnerable to IDOR allowing us to read a password and access a privileged account. The new user can update passwords of users but the template i...

Hammer from TryHackMe requires us to bypass an authentication on a website and gain rce. We do that by brute forcing a password recovery code to reset the password and gain access to the weba...