Filtering by category tryhackme

• 

  Brute It

  HTTP post form attack with Hydra and cat-ing passwd and the shadow file

  January 4, 2024
• 

  ConvertMyVideo

  Remote file execution through an api

  December 21, 2023
• 

  Hacker vs Hacker

  Gaining access to an already compromised machine and stopping a script that tries to kick us out

  September 15, 2023
• 

  Wgel CTF

  Enumeration and privilege escalation through wget with sudo permissions

  September 14, 2023
• 

  Lesson Learned

  SQL injection using `AND 1=1-- -` instead of `OR 1=1-- -`

  September 11, 2023
• 

  Cat Pictures 2

  Security through obscurity, exploiting a Ansible playbook script and a kernel exploit

  August 7, 2023
• 

  LazyAdmin

  RCE through command injection and priv esc through a backup script we can write to

  June 30, 2023
• 

  Kiba

  Exploiting Kibana Timelion to get a reverse shell and escalating with cap_setuid in Python

  June 30, 2023
• 

  Tomghost

  Exploiting Tomcat v9.0.30 (CVE-2020-1938) and privilege escalation through the zip binary with sudo permissions

  June 30, 2023
• 

  Agent T

  PHP v8.1.0-dev backdoor

  June 29, 2023