This is my personal site centered around InfoSec - I post research, projects and CTF writeups whenever I get the chance :) .


An easy Linux box from HackTheBox, use a cool ticket trick to get an email on the domain, then create an account on the messaging service with it to see private messages from root and plaintext ssh creds, then dump hashes from the database and crack them for root.

Read more →


A medium Windows box from HackTheBox, enumerate users by scraping pdf data off of a web site, and use a password spray attack to get SMB access, through that get another user’s NTLM hash by abusing a custom script and finally abuse ReadGMSAPassword privileges to craft a TGT as administrator and get root.

Read more →


A medium Linux box from HackTheBox, exploit a SQLi to get admin creds to phpmyadmin to upload a webshell and get initial access, then exploit command injection in a script with sudo privileges to elevate to a user and use a SUID enabled systemctl from there to get root.

Read more →