Relevant
A medium box from TryHackMe, grabbing creds from an anonymous smb share, then using them with EternalBlue for SYSTEM.
Daily Bugle
A hard Linux box from TryHackMe, use a SQLi in the particular joomla version to get access, finding a password to pivot, and then using GTFObins yum for root.
Daily Bugle
A hard Linux box from TryHackMe, use a SQLi in the particular joomla version to get access, finding a password to pivot, and then using GTFObins yum for root.
Daily Bugle
A hard Linux box from TryHackMe, use a SQLi in the particular joomla version to get access, finding a password to pivot, and then using GTFObins yum for root.
Alfred
An easy Windows box from TryHackMe, get initial access through Jenkins groovy script, and abusing SeImpersonatePrivelege user rights to get SYSTEM.