medium
Time
· ☕ 9 min read · ✍️ M4t35Z
My HackTheBox Time writeup (Jackson rce --> Weak permissions)
Time
The Great Escape
· ☕ 14 min read · ✍️ M4t35Z
robots --> backup --> dev api --> command injection --> injection --> git log --> port knocking --> docker -H
The Great Escape
hackerNote
· ☕ 5 min read · ✍️ M4t35Z
A box about user enumeration(I did it with the hint fuctionality), brute forcing and abusing a well-known sudo cve (pwfeedback bof)
hackerNote
OpenKeyS
· ☕ 4 min read · ✍️ M4t35Z
Writeup for OpenKeyS, a medium OpenBSD box. Web enum --> source --> auth bypass cve --> cookie --> id_rsa --> authroot cve --> root
OpenKeyS
Sneaky Mailer
· ☕ 10 min read · ✍️ M4t35Z
Subdomain enum --> smtp --> phishing --> creds --> imap --> more creds --> ftp(upload a revshell) --> pypi privesc --> user.txt --> gtfobins --> root.txt
Sneaky Mailer
Fuse
· ☕ 8 min read · ✍️ M4t35Z
Fuse writeup. http --> crawl --> cme --> passreset --> rpc --> printerpass --> winrm --> groups --> Admin
Fuse
Book
· ☕ 6 min read · ✍️ M4t35Z
Book writeup
Book
CMesS
· ☕ 2 min read · ✍️ M4t35Z
TryHackMe CMesS room
djinn
· ☕ 3 min read · ✍️ M4t35Z
TryHackMe djinn room
Madness
· ☕ 2 min read · ✍️ M4t35Z
TryHackMe Madness room