-
Breadcrumbs Writeup [HTB]
Breadcrumbs is a Windows based machine that was active since February 20th of 2021 to July 17th, on this machine we will have to follow a lot of different clues to get access as administrator user, first we will find a File Inclusion vulnerability that we will use to retrieve...
-
Starting on Infosec with ThyHackMe Pre Security
TryHackMe just released a new learning path, Pre Security, this path is made for absolute beginners on infosec, and not just infosec, people interested on system administration would get a great benefit from it since it touches a lot of basic concepts about networks and operating systems, Windows and Linux....
-
Ophiuchi Writeup [HTB]
Ophiuchi is a Linux based machined that was active since February 13th of 2021 to July 3rd, on this machine we will exploit a Java deserialization problem on snakeyaml to get command execution and access to the machine, then will find some credentials on configuration files of tomcat, finally we...
-
Tenet Writeup [HTB]
Tenet is Linux based machine that was active since January 16th of 2021 to June 12th, on this machine we will find a php file and its backup inside an Apache webserver, reviewing the code we will see that user input isn’t sanitized allowing us to perform PHP desrialization to...
-
ScriptKiddie Writeup [HTB]
ScriptKiddie is a Linux based machine that was active since February 6th of 2021 to June 5th, on this machine we will take advantage of an old version of metasploit exposed through a webpage to get command execution on the machine, then we will see that we can perform command...