Proving Grounds - BBSCute WriteupThe target is compromised via Remote Code Execution (RCE) in CuteNews v2.1.2 through a vulnerable avatar upload feature. Privilege escalation is achieved by abusing SUID permissions on /usr/sbin/hping3, enabling root-level command execution.
Proving Grounds - Dawn WriteupThis lab demonstrates the exploitation of a misconfigured SMB share and scheduled cron jobs to achieve remote code execution. By uploading malicious files to an open SMB share, the attacker leverages a cron job to execute them. Privilege escalation is accomplished through a misconfigured SUID binary, zsh, which provides root access.
Proving Grounds - Monitoring WriteupIn this lab, we exploit an authenticated remote code execution vulnerability in the Nagios XI monitoring software. The application is misconfigured to run with root privileges, allowing us to escalate immediately to root once the vulnerability is exploited.
Proving Grounds - Sar WriteupThis lab demonstrates how to exploit a remote code execution (RCE) vulnerability in a vulnerable version of sar2html. By discovering the application via the robots.txt file and leveraging the RCE, you gain an initial shell. Privilege escalation is achieved by exploiting a cronjob misconfiguration that allows overwriting a custom .sh script executed as root.
Proving Grounds - OnSystemShellDredd WriteupThis lab challenges you to exploit an exposed FTP service to uncover a hidden SSH private key, granting initial access to the system. From there, privilege escalation is achieved by leveraging a misconfigured SUID binary, cpulimit, to execute arbitrary commands as root.
Proving Grounds - FunboxEasy WriteupThis lab involves exploiting an SQL Injection vulnerability to leak credentials for a web application, leading to a file upload vulnerability that provides initial access. Privilege escalation is achieved via user password disclosure and multiple sudo misconfigurations, ultimately granting root access through tools like pkexec or time.
Proving Grounds - FunboxRookie WriteupIn this lab, an anonymous FTP server leaks a password-protected archive containing a private SSH key. The key allows initial access to the system, which is further exploited by recovering user credentials from a MySQL history file. Privilege escalation is achieved by exploiting unrestricted sudo access for the user.
Proving Grounds - CyberSploit1 WriteupIn this lab, attackers exploit weak credentials disclosed through a web application to gain SSH access to the system. Once a foothold is established, local privilege escalation is achieved by exploiting a vulnerable Linux kernel version (3.13.0-32-generic) using the overlayfs exploit.
Proving Grounds - Gaara WriteupIn this lab, you will exploit a system by brute-forcing credentials for the SSH service and escalating privileges by abusing misconfigured SUID permissions on /usr/bin/gdb. The lab highlights scenarios involving password brute-forcing and leveraging SUID binaries for privilege escalation.
Proving Grounds - Potato WriteupIn this lab, the target is exploited through bypassing PHP authentication, exploiting a local file inclusion (LFI) vulnerability, and cracking weak credentials. Privilege escalation is achieved by bypassing a directory restriction and leveraging misconfigured sudo permissions to execute arbitrary scripts as root.
Proving Grounds - Algernon WriteupThis lab demonstrates exploiting a remote code execution vulnerability in SmarterMail build 6985 to gain SYSTEM-level access on a Windows server. Learners will identify the application version, leverage an RCE exploit, and use a reverse shell payload to compromise the target. This lab emphasizes web application exploitation and highlights the risks of unpatched software.
Proving Grounds - InfosecPrep WriteupThis lab involves exploiting a disclosed SSH private key to gain initial access to a user account. The privilege escalation phase utilizes misconfigured SUID permissions on /bin/bash, allowing the user to escalate to root privileges.
TryHackMe - Blog Writeup"Billy Joel made a Wordpress blog! "
TryHackMe - CyberHeroes Writeup"Want to be a part of the elite club of CyberHeroes? Prove your merit by finding a way to log in!"
TryHackMe - GamingServer Writeup"An Easy Boot2Root box for beginners"
HTB/Hack The Boo 2023 CTF Event - HauntMart Writeup"An eerie expedition into the world of online retail, where the most sinister and spine-tingling inventory reigns supreme. Can you take it down?"
TryHackMe - Hijack Writeup"Misconfigs conquered, identities claimed."
TryHackMe - 0day Writeup"Exploit Ubuntu, like a Turtle in a Hurricane"
TryHackMe - Boiler CTF Writeup"Intermediate level CTF. Just enumerate, you'll get there."
TryHackMe - Valley Writeup"Can you find your way into the Valley?"
TryHackMe — GLITCH Writeup“Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?”
TryHackMe — Capture! Writeup“Can you bypass the login form?”
TryHackMe — Wgel CTF Writeup“Can you exfiltrate the root flag?”
TryHackMe — Juicy Details Writeup"A popular juice shop has been breached! Analyze the logs to see what had happened…"
TryHackMe — Bounty Hacker Writeup“You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker!”
TryHackMe — Pickle Rick Writeup“A Rick and Morty CTF. Help turn Rick back into a human!”
TryHackMe — Overpass Writeup“What happens when some broke CompSci students make a password manager?”