How to configure SSL on EC2 instance for free
The post is a walkthrough on how to configure ssl on linux instances. This can also be helpful when exploiting CORS.
The post is a walkthrough on how to configure ssl on linux instances. This can also be helpful when exploiting CORS.
The post talks about an interesting find of XSS even when the filter was used. It also covers the mistakes that a developer makes while sanitizing input.
Doctor is an easy linux machine from hackthebox. The initial foothold exploits SSTI/XSS and with splunkd you get the privilege escalation
Ghoul is a hard linux machine from hackthebox The privilege escalation exploits the gogs vulnerability and ssh-agent's sign-on mechanism to get the root.
Ghould is a hard linux machine from hackthebox. Find the machine in the retired section.
The linux penetration checklist is a list of points that you should always look into while pentesting into any linux box. It has points from initial foothold to privilege escalation
Hey pentesters! In this post blog post, I am gonna walk you through canape that is a medium linux machine from hackthebox. Summary The initial foothold on the box is based on python pickle injection that leads to remote code execution. Privilege escalation to user exploits a vulnerability in couchdb that can be leveraged to create a dummy user with _admin role.…
Hey all! In this blog post, we’ll be walking through blunder from hackthebox. Blunder is an easy level linux machine. Summary The initial foothold on the box requires a bit of enumeration to find out the correct user who can login into CMS:- bludit. There is the file upload vulnerability on the cms that gets the initial shell on the box.…
Cache is medium linux box. Initial foothold is based on CVE of openEMR and privlege escalation requires exploiting the docker group member.