Category
This was a Windows machine that required to enumerate a WordPress instance to identify user credentials and remotely authenticate via RDP and exploit the Windows COM Vulnerability to escalate privileges to SYSTEM.
Read moreThis was an intermediate Linux machine that involved exploiting a deserialization vulnerability in the SnakeYaml parser to gain initial access, and a misconfigured WebAssembly binary with Sudo permissions set to escalate privileges to root.
Read moreThis was an easy Linux machine that involved finding database credentials contained in a backup WordPress instance to gain initial access and exploiting the /sbin/initctl binary with Sudo permissions to escalate privileges to root.
Read moreThis was an easy Linux machine that involved exploiting a backup disclosure issue in SweetRice CMS to gain remote execution and a misconfigured script with root permissions to escalate privileges to root.
Read moreThis was an intermediate Windows machine that involved exploiting a stack buffer overflow vulnerability to gain initial access and dumping and decrypting Mozilla Firefox credentials stored on the box to escalate privileges to system.
Read moreThis was an intermediate Linux machine that involved chaining a local file inclusion and remote code execution vulnerability to gain initial access, and exploiting an issue with the Chkrootkit software to escalate privileges.
Read moreThis was an intermediate Linux machine that involved exploiting a stack buffer overflow vulnerability to gain SYSTEM level access to the box.
Read moreThis was an easy Linux machine that involved exploiting a vulnerable file upload functionality to gain initial access and Python with the SetUID bit assigned to it to escalate privileges to root.
Read moreThis was an easy Linux box that involved exploiting a blind SQL injection vulnerability in CMS Made Simple to obtain initial access and the Vim text editor allowed to run as root to escalate privileges to root.
Read moreThis was an intermediate Linux box that involved exploiting a PHP deserialization vulnerability to gain initial access, and a vulnerable Bash script to overwrite the root user’s authorized SSH keys and escalate privileges.
Read more