Author
Vulnserver is a multithreaded Windows based TCP server that listens for client connections on port 9999 and it is primarily used for Stack Buffer Overflow exploitation practice.
I was suggested this great tool when preparing for my OSCP certification exam as I didn’t feel like confident enough when it came to Buffer Overflow.
Read moreWhen enumerating web applications, we often find ourselves in front of a file upload file that allows us to potentially upload malicious files onto the application, such as a PHP or ASP shell, although these will often have certain restrictions that will only allow certain file types, extensions, file names or contents.
Through this checklist, I hope to cover most of the possible bypass methods that can be used to get past this restriction.
Read moreI found this great material when preparing for my OSCP certification exam, I had already finished all of the exercises including the Buffer Overflow ones but I wanted to do some more practice as I wanted to be 100% ready on this subject to ensure I was getting the 25 points awarded for this machine.
Read moreThis was a very peculiar box, as it involved sending a password change link to a user from a web application in order to reset his password, uploading a PHP shell via SMB to gain remote code execution and therefore a shell, and using a password found in the underlying system’s bash history file to login as the administrator user
Read moreThis was a very easy box, as it involved logging into the Tomcat Web Application Manager using default credentials, deploying a new application using a malicious .war Java reverse shell and gaining a reverse shell by navigating to it.
Read moreThis is a Linux box that involved exploiting the PUT http method to upload a PHP script through which a reverse shell can be obtained, and then using a known vulnerability in the chkrootkit program to escalate to root.
Read morePrivilege escalation is a crucial step in the penetration testing lifecycle, through this checklist I intend to cover all the main vectors used in Windows privilege escalation, and some of my personal notes that I used in previous penetration tests.
Read moreI decided to subscribe to the Proving Grounds platform after failing my first OSCP exam attempt and after completing the virtual hacking labs platform, I was very intrigued by the fact that the machines in this platform were developed by Offensive Security and therefore I was sure the quality of the machines would live up to expectations.
Proving Grounds is a platform that allows you to practice your penetration testing skills in a HTB-like environment, you connect to the lab via OpenVPN and you have a control panel that allows you revert/stop/start machines and submit flags to achieve points and climb the leaderboard.
Read moreThis was an easy Windows machine that involved exploiting a directory traversal vulnerability in the Adobe ColdFusion web application to obtain user hashes, cracking them with an online hash lookup tool and using a scheduled task to gain remote access. Privilege escalation was possible through a Windows Kernel Exploit.
Read moreThis room is part of the TryHackMe’s Offensive Pentesting learning path, which is something a lot of people use when preparing for their OSCP exam. This was one of the first rooms and it involved attacking a web application exploiting a file upload functionality, bypassing file extension whitelisting, and exploiting a SUID binary to escalate privileges.
Read more