-
Armageddon Writeup [HTB]
Armageddon is a Linux based machine that was active since March 27th of 2021 to July 24th, on this machine we will exploit the well known Drupalgeddon vulnerability, crack the hash of the admin user of Drupal, and generate a malicious snap package that runs code when it’s installed so...
-
Breadcrumbs Writeup [HTB]
Breadcrumbs is a Windows based machine that was active since February 20th of 2021 to July 17th, on this machine we will have to follow a lot of different clues to get access as administrator user, first we will find a File Inclusion vulnerability that we will use to retrieve...
-
Starting on Infosec with ThyHackMe Pre Security
TryHackMe just released a new learning path, Pre Security, this path is made for absolute beginners on infosec, and not just infosec, people interested on system administration would get a great benefit from it since it touches a lot of basic concepts about networks and operating systems, Windows and Linux....
-
Ophiuchi Writeup [HTB]
Ophiuchi is a Linux based machined that was active since February 13th of 2021 to July 3rd, on this machine we will exploit a Java deserialization problem on snakeyaml to get command execution and access to the machine, then will find some credentials on configuration files of tomcat, finally we...
-
Tenet Writeup [HTB]
Tenet is Linux based machine that was active since January 16th of 2021 to June 12th, on this machine we will find a php file and its backup inside an Apache webserver, reviewing the code we will see that user input isn’t sanitized allowing us to perform PHP desrialization to...