HackTheBox — MistMist an insane difficult machine involved an instance of pluck being vulnerable to both local file inclusion (LFI) and remote code…Oct 28Oct 28
Vulnlab — CicadaCicada is a standalone windows machine enabled with only kerberos authentication that involved enumerating NFS share to find domain…Oct 13Oct 13
Vulnlab — HeronHeron from vulnlab, had a linux jump server access to domain controller, using chisel for socks proxy, enumerating the internal website…Oct 4Oct 4
Vulnlab — TenguTengu, a medium rated chained machine from vulnlab consisting of two windows and one linux host, had an instance node-red running on linux…Sep 19Sep 19
Vulnlab — PhantomPhantom involved enumerating shares to find an email with a password, enumerating domain users by bruteforcing SIDs, password spraying to…Jul 22Jul 22
Vulnlab — KlendathuKlendathu, an insane rated machine involved enumerating nfs share containing a configuration file with password hash of domain user, this…Jul 9Jul 9
Vulnlab — LockLock is a basic windows machine which involved enumerating the gitea repository to find a Personal Access Token (PAT), through which it…Jul 1Jul 1
Vulnlab — SendaiSendai involved enumerating usernames through smb shares having password expired, resetting their password, belonging to Support group they…May 10May 10
Vulnlab — VigilantVigilant a hard rated chained machine involved enumerating smb shares to find an encrytped pdf file, analyzing the ADAudit dll file to…Apr 30Apr 30
Vulnlab — KaijuKaiju is a hard rated AD chain, involved enumerating FTP server with default credentials to find filezilla configuration file having the…Mar 31Mar 31