Writeups for all of the different CTFs I’ve done, mostly TryHackMe and HackTheBox in prep before starting the private OSCP and Proving Grounds labs. Will be doing more in the future to try to learn more advanced AV evasion and binary exploitation (the latter more for fun than usefulness).
Irked
An easy linux box from HackTheBox, exploiting a CVE on an IRC server for initial access, and a misconfiguration for root
GoodGames
An easy Linux box from HackTheBox with a lot of steps, using SQLi and SSTI for initial access, then having to escape a docker container and incorrect binary permissions to get root.
Nunchucks
An easy Linux box from HackTheBox, using an SSTI to get initial access, and a work around how AppArmor works with perl to get root.
Bashed
A very easy Linux box from HackTheBox, exploiting a built in web shell and using bad permissions on an executable to get root.
Blocky
An easy Linux box from HackTheBox, downloading some configuration files and using proper wordpress enumeration to get root.