Home
This is my personal site centered around InfoSec - I post research, projects and CTF writeups whenever I get the chance :) .
A hard Linux box from TryHackMe, brute force a wordpress page for initial access, then pivot to a locally running Jenkins instance for root.
A medium box from TryHackMe, grabbing creds from an anonymous smb share, then using them with EternalBlue for SYSTEM.
A hard Linux box from TryHackMe, use a SQLi in the particular joomla version to get access, finding a password to pivot, and then using GTFObins yum for root.
An easy Windows box from TryHackMe, get initial access through Jenkins groovy script, and abusing SeImpersonatePrivelege user rights to get SYSTEM.
An easy Linux box from TryHackMe, use a SQLi for initial access, expose a local service with a reverse tunnel and exploit the version for root.