Root
TryHackMe:
Discover CyberSecLabs. With our growing platform delivering beginner hacking content to advanced active directory labs.
- [[June 23 2023]] Source
Webmin, Metasploit - [[June 24 2023]] Agent Sudo
BruteForce, Redirections, Steganography - [[Aug. 10 2023]] Simple CTF
Unauthenticated SQLI, Encoding - [[Sep. 07 2023]] ZSCTF1
Authorization Bypass, Pass-The-Hash - [[Sep. 10 2023]] Kiba
Prototype Pollution, RCE, Capabilities - [[Sep. 15 2023]] ZSCTF2
RCE, Docker Privilege Escalation - [[Sep. 17 2023]] ZSCTF4
WP-Unauthenticated RCE, Cron jobs, Nano priv Esc - [[Sep. 22 2023]] Bounty Hunter
SSH bruteforce, Tar Privilege Escalation - [[Oct. 19 2023]] Lazy Admin
File Disclosure, RCE, Sudo privilege escalation - [[Oct. 19 2023]] tomghost
File read/inclusion, .pgp/.asc decryption, zip Priv Esc via Sudo - [[Oct. 19 2023]] Ignite
Fuel CMS RCE, Passowrd in Config file - [[Oct. 20 2023]] Startup
FTP file Inclusion, pcapng file analysis, cronjob - [[Oct. 20 2023]] Brooklyn Nine Nine
steganography, sudo privilege escalation - [[Oct. 20 2023]] Wgel CTF
leaked id_rsa, Priv Esc via wget - [[Oct. 21 2023]] Hijack
restricted nfs bypass, rate-limit bypass, cookie bruteforce, path hijack - [[Oct. 23 2023]] Year of the Rabbit
steganography, sudo X vi Priv Esc - [[Oct. 24 2023]] Lian_Yu
ffuf, steganography, pkexec privilege escalation - [[Oct. 24 2023]] Gaming Server
ssh2john, lxd privilege escalation - [[Oct. 25 2023]] Chocolate Factory
Command injection, lateral movement, vi privilege escalation - [[Oct. 26 2023]] ColddBox
wpscan, RCE, vim privilege escalation - [[Nov. 24 2023]] Plotted-TMS
Enumeration, Unrestricted File Upload, doas x openssl privilege escalation - [[Feb. 03 2024]] Reset
SMB Ntlm_Theft, BloodHound, Abusing ACEs, Constrained Delegations - [[Feb. 09 2024]] Kenobi
Information disclosure, ProFTPd Mod_copy (CVE-2015-3306), Path Variable Manipulation - [[Mar. 08 2024]] Opacity
Remote file Upload, .kdbx decryption, PHP privilege escalation - [[Mar. 11 2024]] Retro
Directory fuzzing, wpscan, SeImpersonatePrivilege - [[Jul. 05 2024]] Publisher
Fuzzing, SPIP form PHP Injection, Broken IAM, Apparmor