Home
This is my personal site centered around InfoSec - I post research, projects and CTF writeups whenever I get the chance :) .
An easy Windows box from HackTheBox, getting initial acces by uploading a SCF file for SSRF and bruteforcing authentication, then using printnightmare to get SYSTEM.
An easy Windows box from HackTheBox, using an unsecured FTP server and file upload to get initial access, then a version CVE for SYSTEM.
An easy Linux box from HackTheBox, using heartbleed for initial access, and then taking over a tmux session to get root.
An easy Linux box from HackTheBox, using a second order SQLi for initial access, and then finding a password in a config file for root.
An easy Linux box from HackTheBox, using shellshock for initial access, and then a misconfigured perl binary for root.