|
You are here |
leeadams.dev | ||
| | | | |
mdanilor.github.io
|
|
| | | | | Tutorial on OSCP buffer overflow using a tryhackme OSCP BoF prep VM. | |
| | | | |
0xdf.gitlab.io
|
|
| | | | | Reel was an awesome box because it presents challenges rarely seen in CTF environments, phishing and Active Directory. Rather than initial access coming through a web exploit, to gain an initial foothold on Reel, I'll use some documents collected from FTP to craft a malicious rtf file and phishing email that will exploit the host and avoid the protections put into place. Then I'll pivot through different AD users and groups, taking advantage of their different rights to eventually escalate to administrator. In Beyond Root, I'll explore remnants of a second path to root that didn't make the final cut, look at the ACLs on root.txt, examine the script that opens attachments as nico. | |
| | | | |
0xdf.gitlab.io
|
|
| | | | | I thought Giddy was a ton of fun. It was a relateively straight forward box, but I learned two really neat things working it (each of which inspired other posts). The box starts with some enumeration that leads to a site that gives inventory. I'll abuse an SQL-Injection vulnerability to get the host to make an SMB connect back to me, where I can collect Net-NTLMv2 challenge response, and crack it to get a password. I can then use either the web PowerShell console or WinRM to get a shell. To get system, I'll take advantage of a vulnerability in Ubiquiti UniFi Video. | |
| | | | |
chrome.googleblog.com
|
|
| | | Here in Aarhus, Denmark -- home of the V8 project, Chrome's JavaScript engine -- we've been tuning, testing, and polishing the V8 engine to... | ||