tryhackme
Overpass3 - Hosting
· ☕ 9 min read · ✍️ M4t35Z
dirfuzz --> backup --> gpg --> creds --> ftp --> pw reuse --> nfs

The Great Escape
· ☕ 14 min read · ✍️ M4t35Z
robots --> backup --> dev api --> command injection --> injection --> git log --> port knocking --> docker -H

Overpass2 - hacked
· ☕ 4 min read · ✍️ M4t35Z
A box about pcap analysis and a SUID binary

Archangel
· ☕ 8 min read · ✍️ M4t35Z
A box about getting an RCE via LFI and Log Poisoning. Then abusing a cronjob that used a file with weak permissions. And then analysing a suid binary which used relative paths instead of absolute paths which made it vulnerable to path injection.

hackerNote
· ☕ 5 min read · ✍️ M4t35Z
A box about user enumeration(I did it with the hint fuctionality), brute forcing and abusing a well-known sudo cve (pwfeedback bof)

Overpass
· ☕ 7 min read · ✍️ M4t35Z
TryHackMe Overpass writeup

Pickle Rick
· ☕ 3 min read · ✍️ M4t35Z
TryHackMe Pickle Rick box

Basic Pentesting
· ☕ 1 min read · ✍️ M4t35Z
TryHackMe Basic Pentesting room

Blue
· ☕ 1 min read · ✍️ M4t35Z
TryHackMe Blue room

CMesS
· ☕ 2 min read · ✍️ M4t35Z
TryHackMe CMesS room