dirfuzz --> backup --> gpg --> creds --> ftp --> pw reuse --> nfs

A box about pcap analysis and a SUID binary

A box about getting an RCE via LFI and Log Poisoning. Then abusing a cronjob that used a file with weak permissions. And then analysing a suid binary which used relative paths instead of absolute paths which made it vulnerable to path injection.

TryHackMe Overpass writeup

HackTheBox Omni writeup. A Windows IOT box, with PSCredential encrypted flags

Command injection in a discord BOT

Buff writeup, ENUMERATE EVERYTHING. At the start the box was slow as hell like the majority of windows boxes lmao. Btw here's the process: Website enum --> cve --> Local enum --> cve --> root

Rooting Blunder

Traceback was a very enjoyable box. I used a little OSINT in the first part after I got in I used only manual enumeration techinques in order to get to the root user.

My writeup for an easy windows AD box.