[TryHackme] – Olympus
6 min read TryHackMe – Olympus Room designed by G4vr0ch3. Continuer la lecture
My first CVE (2021-24856) – WordPress Plugin
2 min read The plugin does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks. Continuer la lecture
[TryHackme] – Empline
4 min read Are you good enough to apply for this job ? Continuer la lecture
BTLO – Network Analysis – Web Shell
4 min read The SOC received an alert in their SIEM for ‘Local to Local Port Scanning’ where an internal private IP began scanning another internal system. Continuer la lecture
HackTheBox : Shocker
3 min read Shocker is a retired HTB (Hack The Box) machine that is based on the ShellSock vulnerability, in this machine we will not use metasploit. Continuer la lecture
Linux Privilege Escalation : Docker Group
3 min read In this article, we will go from a lambda user with no rights but in the docker group to the root user using a wrong configuration and use of docker. Continuer la lecture
CloudFlare : Real visitor IPs in Nginx logs
2 min read Real visitor IPs in Nginx logs when using CloudFlare. Continuer la lecture
[TryHackme] – Gallery
4 min read Gallery is a tryhackme room designed by me. You will exploit an SQL injection and deal with a custom script to escalate to the root user. Continuer la lecture
FCSC 2021 : BaguetteVPN 2
3 min read Voici le write up du challenge Baguette VPN n°2 du France Cybersecurity Challenge (FCSC 2021)
Le but est de récupérer le secret contenu dans l’API. Continuer la lecture
Linux Privilege Escalation : Python Library Hijacking
3 min read Linux Privilege Escalation with Python Library Hijacking.
Python will prioritize the execution of our malicious module instead of the usual path Continuer la lecture
Français
العربية
简体中文
Nederlands
English
Deutsch
Italiano
日本語
한국어
Português
Русский
Español
Türkçe
Українська