📄️ Express
UDP Port Scanning
📄️ BadPlugin
| Port | State | Service |
📄️ cineHack
Hostname Discovery
📄️ Cracker
| Port | State | Service |
📄️ HereBash
Web Server Enumeration
📄️ Cachopo
This walkthrough details the process of exploiting a command injection vulnerability in a web application to gain remote code execution and ultimately escalate privileges to root on a target system. The attack leverages Base64 encoding to bypass input sanitization, followed by hash cracking to obtain the root password. It also emphasizes the importance of verifying file integrity during data exfiltration.
📄️ Wallet
Web Server Enumeration
📄️ Eclipse
This report details the exploitation of a Remote Code Execution (RCE) vulnerability in Apache Solr 8.3.0, leading to a reverse shell and subsequent privilege escalation to root using a SUID binary.
📄️ Seeker
Exploring the Web Server
📄️ Fileception
This engagement involved compromising a Linux system through a combination of service enumeration, steganography analysis, and privilege escalation. The attack path exploited misconfigured services, weak credential storage practices, and excessive sudo privileges. Key vulnerabilities included anonymous FTP access, hidden data in image files, and credentials stored insecurely in Base64 encoding.
📄️ ChocolateFire
1. Network Enumeration