Tag
This was an easy Linux machine that involved exploiting an arbitrary code execution vulnerability in the Kibana web application to gain initial access and the Python3 binary with the cap_setuid capability assigned to escalate privileges to root.
Read moreThis was an easy Rick and Morty-themed Linux challenge that required to exploit a webserver to find 3 ingredients through local enumeration using a web console that will help Rick make his potion to transform himself back into a human from a pickle.
Read moreThis was a simple Linux machine that required to enumerate a web server and exploit a remote code execution vulnerability affecting Fuel CMS to gain initial access, and exposed clear-text database credentials to escalate privileges to root.
Read moreThis was an easy Linux machine that required to exploit a remote command execution backdoor affecting PHP 8.1.0-dev to obtain initial access and the Knife binary with Sudo permissions enabled to escalate privileges to root.
Read moreUser-Defined Functions in MySQL are used to extend the functionality by adding external code that will work the same as inbuilt functions. Certain versions of MySQL are affected by vulnerabilities that could allow attackers with database root access to execute code in the context of the MySQL process, which is often root, and escalate privileges.
Read moreThis was an easy Linux machine that involved exploiting a file upload functionality to gain initial access and a binary with the SETUID bit assigned to escalate privileges to root.
Read moreThis was an intermediate Linux machine that required hijacking a user session by abusing the “kid” JWT token parameter to gain initial access and exploiting a vulnerability in Docker to escape the container and obtain root privileges.
Read moreThis was an intermediate Linux machine that involved exploiting a remote file inclusion in the WordPress plugin to gain initial access and various misconfigurations with the Tar binary to escalate privileges to root.
Read moreThis was an intermediate Linux machine that involved deciphering a password encrypted using the Vigenere cipher to gain initial access, exploiting a cron job to escalate to the tweedledum user, cracking user hashes to escalate to the humptydumpty user, accessing a private SSH key on the machine to escalate to the alice user and exploiting a misconfigured Sudo rule to escalate privileges to root.
Read moreThis was an easy Linux machine that involved exploiting the Ghostcat vulnerability affecting Apache Tomcat to gain initial access, cracking the hash of a GPG private key and exploiting the Zip binary with Sudo permissions enabled to escalate privileges to root.
Read more