Tag
This was an easy Linux machine that involved exploiting a WordPress plugin to gain access to the wp-config.php file which contained database credentials and uploading a malicious plugin into WordPress to gain remote access. Privilege escalation was then possible by exploiting a clear-text password left in the BASH history or an insecure cron job.
Read moreThe kernel is a component of the operating system that sits at the core of it, it has complete control over everything that occurs in the system. Because of this, exploiting vulnerabilities in the kernel will pretty much always result in a full system compromise.
Kernel exploits affect a certain version of a kernel or operating system and they are generally executed locally on the target machine in order to escalate privileges to system.
Read morePenTest+ is one of the most recent CompTIA cyber security certifications, it is designed for cyber security professionals or students who aspire to be in a role with an emphasis in penetration testing and the offensive side of cyber security.
It was initially released on the 31st July 2018 and since at the time I was preparing for OSCP and I had already done A+, Network+ and Security+ I thought this was the best way forward.
Read more