Filtering by category tryhackme

• 

  Library

  Brute forcing SSH access and escalating using a poorly configured sudo rule

  December 27, 2024
• 

  CyberLens

  Exploiting Apache Tika 1.17 with MetaSploit and abusing `AlwaysInstallElevated` to escalate to SYSTEM

  December 26, 2024
• 

  Lookup

  Using FFUF to brute force a user name and password and abusing a binary to read files as root

  December 16, 2024
• 

  Anonforce

  Anonymous FTP access and cracking a private GPG key file

  August 27, 2024
• 

  Brooklyn Nine Nine

  Steganography and a GTFOBin for Nano and Less

  August 26, 2024
• 

  Easy Peasy

  Finding hidden directories, using steghide and abusing a cronjob to escalate to root

  August 23, 2024
• 

  Enumeration & Brute Force

  Brute forcing basic auth with Hydra and a OTP with a custom python script

  August 3, 2024
• 

  mKingdom

  Using default credentials to access the CMS, uploading a malicious PHP file to get RCE and escalating privileges using write access to /etc/hosts

  June 28, 2024
• 

  Cyborg

  Cracking the password of a Borg archive and abusing permissions to execute code as root

  May 18, 2024
• 

  Ignite

  Exploiting FuleCMS v1.4 and escalating to root with password reuse

  May 18, 2024