HTB Writeup – MonitorsThree

Posted on 2024-08-25

RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.

HTB Writeup – Lantern

Posted on 2024-08-21

Skipper Proxy SSRF, Blazor traffic exploit, Privesc from process monitor

Posted on 2024-08-11

CVE-2023-41425 for WonderCMS RCE with malicious themes module.

Posted on 2024-08-05

Active Directory in Linux? Abuse SSH CA signing

Posted on 2024-07-29

CVE-2024-32002 for Git RCE, CVE-2024-20656 for Visual Studio PE

Posted on 2024-07-21

Pluck CMS RCE, and fun Depix to reveal pixelized passwords.

Posted on 2024-07-07

CVE-2023-4220 for Chamilo LMS and Symlink Attack for Linux

Posted on 2024-06-25

The most insane Windows box on HTB.

Posted on 2024-06-16

Season V, Linux, Easy, Git, CVE-2022-24439, SSRF

Posted on 2024-06-09

USER Nmap does not give us much information but a domain: Then I went for sub