• Home
  • CTF Walkthroughs
    • Hack The Box
    • TryHackMe
    • VulnHub
  • Guides
    • Enumeration
    • Privilege Escalation
      • Linux
      • Windows
    • Web
    • Buffer Overflow
      • Stack Buffer Overflow
  • Reviews
    • Certifications
    • Training Labs
    • Learning Material
  • Resources
    • Cheat Sheets
    • Checklists
  • About
Steflan’s Security Blog
CTF Walkthroughs, TryHackMe

TryHackMe – Hacking with PowerShell Walkthrough

Introduction

This was a room that taught the basics of PowerShell, how to perform enumeration on Windows with Powershell and the fundamentals of PowerShell scripting.

Read more
July 30, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, Hack The Box

Hack The Box – Armageddon Walkthrough

Introduction

This was a very easy Linux machine that required to exploit the Drupalgeddon2 vulnerability and finding clear-text database credentials in order to gain remote access to the host, and the Snap binary with Sudo permissions enabled to escalate privileges to root.

Read more
July 27, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, TryHackMe

TryHackMe – Wonderland Walkthrough

Introduction

This was an easy Linux machine that involved performing content discovery against a web application to identify the SSH password of a user to obtain initial access and exploit various vulnerable Linux binary to escalate privileges to root.

Read more
July 25, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, TryHackMe

TryHackMe – Bounty Hacker Walkthrough

Introduction

This was a very easy Linux machine that involved bruteforcing user credentials via SSH to gain initial access and exploiting the Tar binary with Sudo permissions enabled to escalate privileges to root.

Read more
July 24, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, Hack The Box

Hack The Box – Sense Walkthrough

Introduction

This was an easy BSD box that involved identifying user credentials for a pfSense instance and exploiting a known command injection vulnerability affecting the product to gain root-level access on the machine.

Read more
July 22, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, VulnHub

VulnHub – SkyTower Walkthrough

Introduction

This was an easy Linux machine that involved exploiting a SQL injection vulnerability to gain initial access, clear-text database credentials and miconfigured Sudo rules to escalate privileges to root.

Read more
July 20, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, Hack The Box

Hack The Box – Breadcrumbs Walkthrough

Introduction

This was a hard Windows machine that involved exploiting a directory traversal vulnerability to forge session cookies and hijack an admin user’s session, a file upload functionality through which remote command execution can be obtained, and a SQL injection vulnerability to escalate privileges to Administrator

Read more
July 19, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, Hack The Box

Hack The Box – Buff Walkthrough

Introduction

This was an easy Windows machine that involved exploiting an unauthenticated remote code execution vulnerability through file upload bypass affecting Gym Management System to gain initial access and a buffer overflow vulnerability in the CloudMe software to escalate privileges to Administrator.

Read more
July 15, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, TryHackMe

TryHackMe – Corp Walkthrough

Introduction

This was an easy Windows machine that involved exploiting a Kerberoastable service account to gain initial access and using a base64-encoded password stored in an unattended installation file to escalate privileges to Administrator.

Read more
July 14, 2021 | by Stefano Lanaro | Leave a comment
Share
CTF Walkthroughs, Hack The Box

Hack The Box – Atom Walkthrough

Introduction

This was an intermediate Windows machine that involved exploiting a vulnerability in Electron-Builder to gain initial access, a clear-text Redis password, and a vulnerability in Portable Kanban to decrypt the administrator password and escalate privileges.

Read more
July 12, 2021 | by Stefano Lanaro | Leave a comment
Share
Older posts
Newer posts
  • Home
  • About
Powered by Piemont - Premium Wordpress Theme
×

  • Navigation

    • Home
    • CTF Walkthroughs
      • Hack The Box
      • TryHackMe
      • VulnHub
    • Guides
      • Enumeration
      • Privilege Escalation
        • Linux
        • Windows
      • Web
      • Buffer Overflow
        • Stack Buffer Overflow
    • Reviews
      • Certifications
      • Training Labs
      • Learning Material
    • Resources
      • Cheat Sheets
      • Checklists
    • About

  • About StefLan Security

    I am a penetration tester and cyber security / Linux enthusiast.

    Through this blog, I would like to share my passion for penetration testing, hoping that this might be of help for other students and professionals out there. I will be more than glad to exchange ideas with other fellow pentesters and enthusiasts.

  • Recent Posts

    • OffSec Web Expert (OSWE) Review November 11, 2025
    • Certified Read Team Operator (CRTO) Review January 2, 2025
    • Certified Red Team Expert (CRTE) Review April 16, 2024
    • TryHackMe – Nax Walkthrough April 8, 2024
    • Certified Azure Red Team Professional (CARTP) Review December 23, 2023