Tag
This was an intermediate Linux machine and the last in the Overpass TryHackMe series, it involved discovering a backup archive stored on the webserver, which contained encrypted user credentials that are then used to connect to the FTP server and uploading a PHP reverse shell to gain initial access. Root access was then obtained by exploiting an open NFS share with the no_root_squash option enabled.
Read moreThis was an easy Linux machine and the second in the Overpass TryHackMe series. It involved analyzing a capture file containing requests issued by an attacker to compromise the web server, escalate privileges to root and establish persistence, in order to understand the exact steps followed to do so, and then using that information to hack back into the host.
Read moreThis was an intermediate Linux machine that involved exploiting a remote code execution vulnerability in the CuteNews web application to gain initial access, exposed user password hashes to gain a user shell, and a vulnerability in the USBCreator D-Bus interface to escalate privileges to root.
Read moreThis was an intermediate Linux machine that involved exploiting a remote code execution in GitLab to gain initial access, an exposed root password and a misconfigured docker container to escalate privileges to root.
Read moreUdemy can be a great place for learning or honing many skills, it was one of the first places where I started studying cybersecurity and it definitely helped me a great deal in my journey. This review will show how to best use Udemy to your advantage to learn cybersecurity and penetration testing.
Read moreThis was an easy Linux machine that involved exploiting a blind SQL injection vulnerability in Joomla to gain initial access, exposed database credentials to gain user access, and the Yum package manager with Sudo permissions allowed to escalate privileges to root.
Read moreThis was an easy Windows box that involved exploiting a remote buffer overflow vulnerability in the Chatterbox application to gain initial access and using cached autologon credentials to execute a reverse shell as the Administrator user and escalate privileges.
Read moreThis was an easy Windows machine that involved uploading a web.config file onto a Windows ASP web server to gain remote code execution and exploiting token impersonation to escalate privileges to system.
Read moreWindows allows users to set specific programs to automatically start whenever the system boots, the list of programs that have this functionality enabled is stored in the Windows Registry. Although this feature can be very handy if startup programs are setup with improper permissions it may allow attackers to escalate privileges, as these programs are executed in the context of the user who is logging in at that point in time.
Read moreSudo is a program for Unix-like operating systems that allows users to run programs with the security privileges of another user, by default the superuser. It originally stood for “superuser do” as the older versions of Sudo were designed to run commands only as the superuser. It is commonly used in scenarios where normal users need to be able to perform actions as root.
Over the years, certain versions of Sudo were found to be affected by vulnerabilities that allowed attackers to escalate privileges to root, this guide will demonstrate how to identify a vulnerable Sudo version and how to exploit it in order to perform privilege escalation.
Read more