Author
This was a very easy Linux box which involved gaining a user shell by exploiting the really common Shellshock Linux vulnerability and escalating privileges to root by exploiting Perl which could be executed using sudo.
Read moreThis was an easy Windows box that involved extracting and cracking hashes from a Windows .vhd backup image to gain initial access and exploiting a vulnerability in mRemoteNG that allowed to decrypt stored passwords to escalate privileges to SYSTEM.
Read moreToken impersonation is a technique through which a Windows local administrator could steal another user’s security token in order to impersonate and effectively execute commands as that user.
That are certain privileges in Windows that, if enabled, could lead to an attacker escalating privileges to SYSTEM, through various tools that have been designed to specifically exploit this vulnerability.
Read moreThis was an intermediate Linux machine that involved exploiting a stack buffer overflow vulnerability to gain an initial foothold and an SUID binary similar to the man command to escalate privileges to root
Read moreWindows systems and applications often store clear text, encoded or hashed credentials in files, registry keys or in memory.
When gaining initial access to a Windows machine and performing privilege escalation enumeration steps, often passwords can be found through these means and they can be used to further escalate privileges.
Read moreThis was an easy Linux box that involved exploiting a vulnerability that allowed to remotely download and execute files to gain initial access, using Steganography to escalate to the mardov user and exploiting a custom SUID binary to gain root access.
Read moreTmux is an open-source terminal multiplexer for Unix-like operating systems. It allows multiple terminal sessions to be accessed simultaneously in a single window.
It is useful for running more than one command-line program at the same time. It can also be used to detach processes, allowing remote sessions to remain active without being visible.
Read moreSudo is a Linux utility that allows users to run commands with the privileges of another user, when no arguments are provided, this will execute the command as the root user.
If sudo is not configured correctly, this could allow attackers to escalate their privileges to root.
Read moreThis was an easy Windows box that involved exploiting a remote command execution vulnerability in the Rejetto HTTP File Server web application to gain an initial foothold and exploiting an overflow vulnerability in a version of Windows 8.1 (MS16-098) to escalate to system.
Read moreThe eLearnSecurity Junior Penetration Tester (eJPT) penetration testing practical certification provided by eLearnSecurity, a cyber security company that develops cyber security courses that are delivered electronically and that allow students to obtain corresponding certifications.
I decided to sign up for this certification a couple of years before obtaining my OSCP certification as a lot of people recommended this course as a start.
Read more