How to configure SSL on an EC2 instance for free
The post is a walkthrough on how to configure SSL on Linux instances. This can also be helpful when exploiting CORS.
Doctor is an easy Linux machine from HackTheBox. The initial foothold exploits SSTI/XSS, and privilege escalation is obtained through splunkd.
Ghoul is a hard Linux machine from HackTheBox. The privilege escalation exploits the Gogs vulnerability and ssh-agent's sign-on mechanism to get root.
Aragog is a medium-level Linux machine from HackTheBox. The initial foothold is based on exploiting XXE, and the privilege escalation requires logging the password by creating a backdoor.
The Linux penetration checklist is a list of points that you should always look into while pentesting any Linux box. It covers points from initial foothold to privilege escalation.
Querier is a medium-level Windows machine. It exploits the MSSQL server running on the box. The privilege escalation to administrator exploits GPP XML files.
When a normal user is part of the lxd group, he can easily escalate his privileges to root. Setting security.privileged=true creates a privileged LXD container.
Hey pentesters! In this blog post, I am gonna walk you through Canape, which is a medium Linux machine from HackTheBox. Summary: The initial foothold on the box is based on Python pickle injection that leads to remote code execution. Privilege escalation to user exploits a vulnerability in CouchDB that can be leveraged to create a dummy user with the _admin role.…
We generate an enormous amount of data every day working with virtual machines. Several files are so important that one can't afford to lose them. But what if one day you realize that your virtual machine has crashed for some reason and all your data is gone forever? Seems like a nightmare that no one wants to encounter. Most of us take file backups on GitHub,…
Hey all! In this blog post, we’ll be walking through Blunder from HackTheBox. Blunder is an easy-level Linux machine. Summary: The initial foothold on the box requires a bit of enumeration to find out the correct user who can log in to the CMS, Bludit. There is a file upload vulnerability in the CMS that gets the initial shell on the box.…