Root
Proving Grounds:
OffSec Proving Grounds (PG) Play and Practice is a modern network for practicing penetration testing skills on exploitable, real-world vectors.
- [[Jun. 10 2023]] DC-2
GTFOBins, Restricted environments, Wordpress attacks - [[Feb. 20 2024]] Muddy
XXE Injection (CVE-2019-1010268), Credential theft, PUT-method-WebDav, Cronjob privilege escalation - [[Feb. 20 2024]] Filmsy
Remote Code Execution, Cron Privilege Escalation - [[Feb. 20 2024]] Pebbles
Reflected XSS, Local File Inclusion, SQLi to RCE - [[Feb. 24 2024]] Codo
Default Credentials, File Upload to RCE, Priv Esc via Information Disclosure (Config files) - [[Feb. 24 2024]] Hub
Information Disclosure, File Upload, Remote Code Execution - [[Feb. 24 2024]] Exfiltrated
CVE-2018-19422-SubrionCMS-RCE, Cron Jobs, CVE-2021-22204(ExifTool)-Arbitrary Code Execution - [[May. 29 2024]] Exghost
FTP Bruteforce, Wireshark, CVE-2021-22204, CVE-2021-4034 - [[June 14 2024]] Hutch
Enumeration, Password in description, Password spraying, ms-mcs-AdmPwd abuse, DCSync - [[July 08 2024]] AuthBy
Password guessing/cracking, Arbitrary file upload --> RCE, SeImpersonatePrivilege(Juicy-Potato) - [[Aug. 10 2024]] Nickel
GET2POST, hardcoded credentials, pdf2john, API privilege escalation - [[Aug. 10 2024]] Shenzi
Least Privilege Violation(SMB), Guessable WP endpoint, PrivEsc; misconfigured registry settings(AlwaysInstallElevated) - [[Aug. 10 2024]] Slort
RFI2RCE, PrivEsc; Scheduled Task - [[Aug. 15 2024]] Nara
Active Directory, Phishing(.LNK upload to NTLM Theft), Crackmapexec, RID Brute, Bloodhound, ADCS(ESC1) - [[Aug. 15 2024]] BackupBuddy
LFI, id_rsa decryption, SUID PrivEsc