Filtering by category tryhackme

• 

  Epoch

  RCE through command injection in an url parameter

  June 29, 2023
• 

  Git Happens

  Using git-dumper to download the repo and using git history to find credentials

  June 29, 2023
• 

  Glitch

  RCE through POST parameter and privilege escalation through a FireFox profile

  June 24, 2023
• 

  Opacity

  RCE through command injection, cracking a Keepass database and exploiting permissions on a script

  June 14, 2023
• 

  Dogcat

  Exploiting an LFI and breaking out of a Docker container

  June 9, 2023
• 

  Valley

  Web enumeration, pcacp investigation and privilege escalation through a Python cronjob with root permissions

  June 2, 2023
• 

  Capture!

  Custom python script for brute forcing with username and password dictionaries

  May 6, 2023
• 

  Mustacchio

  XML external entity (XXE) injection and privilege escalation through a binary with a relative path

  August 24, 2021
• 

  VulnNet: Node

  NodeJS serialization exploit and privilege escalation through NPM and sudo on vulnnet-job service

  August 24, 2021
• 

  Year Of The Rabbit

  Web enumeration, FTP brute force with custom password list, decoding a Brainfuck script and privilege escalation with non root sudo permission on vi

  August 18, 2021