Publisher from TryHackMe has a website vulnerable to rce giving us foothold, after that we bypass apparmor restrictions so we can exploit an SUID binary to get root. Enumeration nmap We st...

CheeseCTF from TryHackMe has a login page on a website vulnerable to SQLi allowing us to bypass the login and access the dashboard. After that we find an LFI which we exploit to get a foothol...

Boardlight from HackTheBox is running a website vulnerable to code injection givin us a foothold. We find a password inside a config file which we use to elevate our privileges. Then we find ...

Mailing from HackTheBox is a windows box running hmailserver and a IIS web server, the website is vulnerable to file read allowing us to read password of the hmailserver. After that we use an...

Description: Usage from HackTheBox is running a website vulnerable to an sql injection allowing us to dump the database and get a password hash, we crack it and login to an admin page runnin...

Description: Headless from HackTheBox is an easy box where we exploit an XSS vulnerability to get admin cookie which gives us access to the admin dashboard. There we find a command injection...

Description: Perfection from HackTheBox. The machine has a website for calculating weighted grades. There is a filter for malicious input but it can be bypassed with a new line to exploit a ...

Description: Bizness from HackTheBox is running a version of Apache Ofbiz vulnerable to Authentication bypass and remote code execution giving us a foothold on the server. After that we find...

Description: Creative from TryHackMe has a website vulnerable to SSRF allowing us to read files on the system, so we read a private ssh key and get a foothold. A sudo entry with LD_PRELOAD i...

Description devvortex from HackTheBox runs a Joomla CMS vulnerable to information disclosure where we get credentials of the database that also work for the administrator page, we login and ...