Home

  • πŸ•‘ Saturday, 15 August 2020 | πŸ“– 9 minutes

    VulnHub - Sunset Midnight 1

    835b797b1e2e3a1bd8c520ebcfe40a9f.png

    0. Preface

    This is a very straightforward machine. There is a small rabbithole right at the start with the Simply Poll plugin, though.

    In this box, we will be tackling:

    1. Weird Hydra results.
    2. Resetting WordPress passwords through the database.
    3. Getting a reverse shell using a WordPress β€œplugin”.
    4. Exploiting an SUID binary

    Continue Reading...


  • πŸ•‘ Wednesday, 12 August 2020 | πŸ“– 8 minutes

    VulnHub - So Simple 1

    92fcd502bc744111ad87e3b395653453.png

    0. Preface

    If you are still using Social Warfare 3.5.0 on WordPress, please update that plugin. Also, don’t leave users hanging around in the LXD group. Both of those are bad for health.

    In this box, we will be tackling:

    1. RCE through Social Warfare 3.5.0
    2. Two different methods of privilege escalation
      • Using LXD (unintended)
      • Using GTFOBins and some scripts and binaries

    Continue Reading...


  • πŸ•‘ Sunday, 09 August 2020 | πŸ“– 8 minutes

    VulnHub - Photographer 1

    c964c59d0d3aa473b6b4b450f8e9fdf6.png

    0. Preface

    This box is a pretty straightforward one. Just gotta sift through the LinPEAS output and you’re pretty much golden for privilege escalation.

    In this box, we will be tackling:

    1. Koken CMS exploit
    2. Careful reading through LinPEAS output

    Continue Reading...