How to crack SSH Private Key with John the Ripper ?
3 min read We will explain how to use John the Ripper, a tool used to crack passwords, to crack a passphrase of an SSH Private Key with the famous wordlist rockyou.txt. Continuer la lecture
pentest
My first CVE (2021-24856) – WordPress Plugin
2 min read The plugin does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks. Continuer la lecture
[TryHackme] – Empline
4 min read Are you good enough to apply for this job ? Continuer la lecture
HackTheBox : Shocker
3 min read Shocker is a retired HTB (Hack The Box) machine that is based on the ShellSock vulnerability, in this machine we will not use metasploit. Continuer la lecture
Linux Privilege Escalation : Docker Group
3 min read In this article, we will go from a lambda user with no rights but in the docker group to the root user using a wrong configuration and use of docker. Continuer la lecture
FCSC 2021 : BaguetteVPN 2
3 min read Voici le write up du challenge Baguette VPN n°2 du France Cybersecurity Challenge (FCSC 2021)
Le but est de récupérer le secret contenu dans l’API. Continuer la lecture
Linux Privilege Escalation : Python Library Hijacking
3 min read Linux Privilege Escalation with Python Library Hijacking.
Python will prioritize the execution of our malicious module instead of the usual path Continuer la lecture
[TryHackme] – Overpass 3
4 min read You know them, you love them, your favourite group of broke computer science students have another business venture! Show them that they probably should hire someone for security… Continuer la lecture
