Filtering by category hackthebox
-
LinkVortex
Finding a dev subdomain with a git repo, getting credentials from the git repo, abusing a CVE in Ghost CMS to read files and finding more credentials. Getting root through an bash script and a double symlink
-
Cicada
Ldap search for users and smb enum. User has SeBackupPrivilege and SeRestorePrivilege to backup the ntds.dit and system hive
-
Atom
Malicious PDF file to remote code execution and abusing Redis to get the admin credentials