HackTheBox - Late Walkthrough
Late was an easy box from hackthebox.
HackTheBox - RouterSpace Writeup
RouterSpace was an easy box from hackthebox.
CVE-2022-22965 - Build and Exploit
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
HackTheBox - Timelapse Walkthrough
Timelapse was an easy box from hackthebox. To solve this machine we need some basic enumuration and basic knowledge about windows.
Pwnable.kr - fd Walkthrough
Mommy! what is a file descriptor in Linux?
Setup Docker for CTF
Using Docker to solve CTFs like HackTheBox, Tryhackme, and others...
Tunneling and Port Forwarding
Port tunneling or forwarding is a networking technique that allows traffic between local and remote machines. We use port tunneling when we either can’t reach a destination because it is protected behind a firewall or only accessible internally.
HackTheBox - Lame Writeup
Lame is the Easy level Hackthebox Machine.
Spawning TTY Shell
Each of the methods below is aimed to be a one-liner that you can copy/paste. As such they’re quite short lines, but not very readable.
HackTheBox - Luanne walkthrough
Luanne is the Easy level OpenBSD machine.Basic Enumuration and lua script does not sanitize the input from user which leads to remote code execution using the os.execute() and then after some enumuration find the id_rsa key for user r.michaels then decrypt the tar backup file and get the user r.micheals password and root part is pretty simple user r.mihaels has run the commmand doas as root user that leads to migrate from user to root privilage.