lfi
Archangel
· ☕ 8 min read · ✍️ M4t35Z
A box about getting an RCE via LFI and Log Poisoning. Then abusing a cronjob that used a file with weak permissions. And then analysing a suid binary which used relative paths instead of absolute paths which made it vulnerable to path injection.

Forwardslash
· ☕ 11 min read · ✍️ M4t35Z
Forwardslash writeup. I went through the LFI way. I used rockyou to break the crypto.

ServMon
· ☕ 2 min read · ✍️ M4t35Z
Rooting ServMon with curl

Smasher
· ☕ 4 min read · ✍️ M4t35Z
Rooting Smasher