|
You are here |
www.mh4ckt3mh4ckt1c4s.xyz | ||
| | | | |
www.politoinc.com
|
|
| | | | | The Proving-Grounds offers both free and paid tier levels, where users can test their skills in a lab environment similar to other platforms like Hack the Box and TryHackMe. | |
| | | | |
www.justus.pw
|
|
| | | | | [AI summary] The user successfully gained access to a system by exploiting a Heartbleed vulnerability, decrypted an RSA key using a password obtained from memory, and then used that key to log in as the 'hype' user. After enumerating the system, they accessed a Tmux session to gain root access and retrieved the root flag. | |
| | | | |
blog.ikuamike.io
|
|
| | | | | Summary As the name suggests this box had a instance of gitlab where the initial foothold involves getting credentials from obfuscated javascript and once logged into the gitlab instance we abuse webhooks to add our own code and execute it to get a reverse shell. Read on to see how I able to root the box. Enumeration As usual I start with a quick nmap scan to find open ports and then run a second scan for service and version detection. | |
| | | | |
www.valentinog.com
|
|
| | | Notes on deploying Django > 3.1 (async) with Uvicorn under Nginx as a reverse proxy. | ||