House of Banana
Posted on 2024-10-21
Hijack execution flow by abusing _rtld_global in ld.so
linux
HTB Writeup – Yummy
Posted on 2024-10-06
LFI, JWT Forgery, SQLi, Crontab abuse, Mercurial hook, Rsync privesc
HTB Writeup – Trickster
Posted on 2024-09-22
XSS + RCE for PrestaShop & exploit SSTI on ChangeDetection.io
ORW: Open, Read, Write – Pwn A Sandbox Using Magic Gadgets
Posted on 2024-09-18
ORW ROP chain with magic gadgets to pwn a Sandbox
HTB Writeup – Caption
Posted on 2024-09-15
Exploit H2 Database for Java web app & abuse Apache Thrift
HTB Writeup – Sightless
Posted on 2024-09-09
SQLPad RCE vulnerability & Froxlor exploit via Chrome remote debugging
LargeBin Attack: Write A Heap Address to Arbitrary Memory Location
Posted on 2024-08-31
LargeBin Attack is the future for heap exploitation.
HTB Writeup – MonitorsThree
Posted on 2024-08-25
RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.