
HackTheBox - Inject
Inject from HackTheBox has a website vulnerable to path traversal, allowing us to read files and identify a dependency running on the website that’s vulnerable to RCE, giving us a foothold. Once i...
U.A. High School from TryHackMe contains a hidden PHP file on a web server that we fuzz for parameters; we find it executes OS commands and exploit that to get a shell. After that we find ...
Airplane from TryHackMe is an interesting box where we exploit a path traversal to read the cmdline of a process running on a non-standard port and find it’s a gdb server; we exploit that to get...
Backdoor from HackTheBox starts with a directory traversal vulnerability we find in a WordPress plugin, allowing us to read a process’s cmdline and find gdbserver listening on a port; we upload ...
NanoCherryCTF from TryHackMe revolves around brute forcing and fuzzing web applications to gain a foothold. Then we exploit a cron job and extract an image from an audio file to get root. Enu...
Expose from TryHackMe starts with a login page vulnerable to SQLi, revealing secret pages where we can upload a file. We bypass a local filter and upload a PHP reverse shell; once on the box we ...
Description: GreenHorn from HackTheBox starts with finding the source code of an application in a Gitea instance. We retrieve the login password and exploit an RCE to get a foothold. We find ...
The Sticker Shop from TryHackMe is a simple web challenge where we exploit an XSS vulnerability to read the flag. Enumeration Web This is a web challenge and the website can be found on po...
Lookback from TryHackMe starts with a command injection on a website giving us a foothold, then we exploit an RCE on MS Exchange to get administrator. Enumeration nmap We start an nmap scan u...
Lookup from TryHackMe starts with a credential brute force of a website; when the correct creds are found we get redirected to a subdomain running an application vulnerable to command injection, w...