Writeups for all of the different CTFs I’ve done, mostly TryHackMe and HackTheBox in prep before starting the private OSCP and Proving Grounds labs. Will be doing more in the future to try to learn more advanced AV evasion and binary exploitation (the latter more for fun than usefulness).
OpenAdmin
An easy Linux box from HackTheBox, using an exposed admin panel for initial access, then pivoting around between users, until getting root with an SUID binary.
OpenSource
An easy Linux box from HackTheBox, using a file overwrite to get initial access, then chisel to get access to a service running on localhost, and then root via git GTFObins.
Pandora
An easy Linux box from HackTheBox, enumerating SNMP for initial access, then using a kernel exploit for root.
Paper
An easy Linux box from HackTheBox, getting access using a Wordpress exploit, and then a kernel exploit for root.
Secret
An easy Linux box from HackTheBox, decoding a JWT token for inital access, then a sudo exploit for root.