-
Tenet Writeup [HTB]
Tenet is Linux based machine that was active since January 16th of 2021 to June 12th, on this machine we will find a php file and its backup inside an Apache webserver, reviewing the code we will see that user input isn’t sanitized allowing us to perform PHP desrialization to...
-
ScriptKiddie Writeup [HTB]
ScriptKiddie is a Linux based machine that was active since February 6th of 2021 to June 5th, on this machine we will take advantage of an old version of metasploit exposed through a webpage to get command execution on the machine, then we will see that we can perform command...
-
A Quick Shot into Active Directory Attacks
This blog is no meant to be a complete description about all the attacks showed, but a quick look into the common attacks in Active Directory environments and how to prevent them, if you want to get a deep understanding about the vulnerabilities please check the links at the end...
-
Ready Writeup [HTB]
Ready is a Linux based machine that was active since December 12th of 2020 to May 15th of 2021, on this machine we will exploit two vulnerabilities on Gitlab that chained together will allow us to get command execution on the machine, looking at the configuration files we will find...
-
A Review on PentesterAcademy Suscription
When we talk about Pentester Academy we usually think about its Red Team Labs, which according to some people are one of the closest labs to real environments together with Rastalabs RTO, but what about its suscription?, its been there for a long time, some people recomend some of the...