Mika's Blog

Sysadmin, Network & Infosec
Menu Close
  • Accueil
  • system
  • network
  • infosec
  • CVE Disclosures
  • Pentest CheatSheet
  • Random Post
6

[TryHackme] – Olympus 4.5 (4)

Posted on 21 juillet 2022 by Mika

6 min read TryHackMe – Olympus Room designed by G4vr0ch3. Continuer la lecture →

infosec, system ctf, file upload, linux, php, sqli, tryhackme, writeup
2

My first CVE (2021-24856) – WordPress Plugin 4.7 (7)

Posted on 18 octobre 2021 by Mika

2 min read The plugin does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks. Continuer la lecture →

infosec cve, findings, pentest, security, web, wordpress, xss
0

[TryHackme] – Empline 5 (7)

Posted on 20 septembre 2021 by Mika

4 min read Are you good enough to apply for this job ? Continuer la lecture →

infosec ctf, CVE-2019-13358, linux, pentest, ruby, tryhackme, web, writeup, xxe
0

BTLO – Network Analysis – Web Shell 5 (5)

Posted on 20 août 2021 by Mika

4 min read The SOC received an alert in their SIEM for ‘Local to Local Port Scanning’ where an internal private IP began scanning another internal system. Continuer la lecture →

infosec, network blueteam, btlo, infosec, network, writeup
0

HackTheBox : Shocker 5 (5)

Posted on 9 juillet 2021 by Mika

3 min read Shocker is a retired HTB (Hack The Box) machine that is based on the ShellSock vulnerability, in this machine we will not use metasploit. Continuer la lecture →

infosec ctf, hackthebox, linux, pentest, shellshock, writeup
2

Linux Privilege Escalation : Docker Group 4.9 (8)

Posted on 29 juin 2021 by Mika

3 min read In this article, we will go from a lambda user with no rights but in the docker group to the root user using a wrong configuration and use of docker. Continuer la lecture →

infosec, system ctf, docker, infosec, linux, pentest
0

CloudFlare : Real visitor IPs in Nginx logs 5 (4)

Posted on 2 juin 2021 by Mika

2 min read Real visitor IPs in Nginx logs when using CloudFlare. Continuer la lecture →

system cloudflare, nginx, security
0

[TryHackme] – Gallery 4.4 (17)

Posted on 24 mai 2021 by Mika

4 min read Gallery is a tryhackme room designed by me. You will exploit an SQL injection and deal with a custom script to escalate to the root user. Continuer la lecture →

infosec, system cve, linux, privesc, sqli, tryhackme, writeup
2

FCSC 2021 : BaguetteVPN 2 4.9 (13)

Posted on 3 mai 2021 by Mika

3 min read Voici le write up du challenge Baguette VPN n°2 du France Cybersecurity Challenge (FCSC 2021)

Le but est de récupérer le secret contenu dans l’API. Continuer la lecture →

infosec crlf, ctf, fcsc, pentest, python, web, writeup
5

Linux Privilege Escalation : Python Library Hijacking 4.3 (13)

Posted on 22 avril 2021 by Mika

3 min read Linux Privilege Escalation with Python Library Hijacking.

Python will prioritize the execution of our malicious module instead of the usual path Continuer la lecture →

infosec, system ctf, infosec, linux, pentest, python

Navigation des articles

Articles Précédents

Buy me a coffee

TryHackMe

TryHackMe

Newsletter

Loading

HACKER’S PLAYGROUND

Active Directory labs

Inf0sec Labs

Articles récents

  • [TryHackme] – Olympus
  • My first CVE (2021-24856) – WordPress Plugin
  • [TryHackme] – Empline
  • BTLO – Network Analysis – Web Shell

Flux ZDNET

  • IA dans Google Workspace : Gmail, Google Docs, Slides, Sheets, Meet et Chat : ce que ça change pour vous 23 mars 2023
  • Mozilla.ai, nouvelle entité spécialisée dans l'IA "ouverte" et "transparente" 23 mars 2023

Flux The Hacker News

  • Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers 23 mars 2023
  • German and South Korean Agencies Warn of Kimsuky's Expanding Cyber Attack Tactics 23 mars 2023

Flux I Learned Blog

  • OpenSSL, itinéraire d’une catastrophe ratée 31 octobre 2022
  • Syncthing, la synchronisation de fichiers dopée aux stéroïdes 17 août 2022

Commentaires récents

  • Ludo dans Installer facilement Cisco Packet Tracer sous Linux
  • Mika dans [TryHackme] – Olympus
  • dra3fcs dans [TryHackme] – Olympus
  • Mika dans [TryHackme] – Olympus
  • Thomas dans [TryHackme] – Olympus

Archives

  • juillet 2022 (1)
  • octobre 2021 (1)
  • septembre 2021 (1)
  • août 2021 (1)
  • juillet 2021 (1)
  • juin 2021 (2)
  • mai 2021 (2)
  • avril 2021 (1)
  • mars 2021 (2)
  • février 2021 (2)
  • janvier 2021 (4)
  • décembre 2020 (3)
  • novembre 2020 (5)
  • octobre 2020 (2)

Étiquettes

blueteam bruteforce btlo chisel cisco cloudflare config crlf ctf cve CVE-2019-13358 ddos debian docker fcsc file upload findings firewall forwarding hackthebox hydra infosec learn linux network nginx packet tracer pentest php port forwarding privesc python ruby security shellshock sqli sysadmin tcp tryhackme vlan web wordpress writeup xss xxe

LEGAL PAGES

  • Terms and Conditions
© 2023 Mika's Blog. All rights reserved.
Hiero by aThemes