robots --> backup --> dev api --> command injection --> injection --> git log --> port knocking --> docker -H
A box about getting RCE via LFI and log poisoning, then abusing a cronjob that used a file with weak permissions, and finally analysing a SUID binary that used relative paths instead of absolute paths, which made it vulnerable to path injection.
A box about user enumeration (I did it with the hint functionality), brute forcing, and abusing a well-known sudo CVE (pwfeedback BOF).
Command injection in a Discord bot