BroScience Overview BroScience is a medium-difficulty challenge focusing on web-related vulnerabilities, source code review, and custom code writing for exploitation. This box serves as excelle...
HackTheBox - Sekhmet | Writeup
Sekhmet Overview Sekhmet is an insane difficulty box: a lot of enumeration, exploitation of NodeJS deserialization, ModSecurity and Windows AppLocker bypass, weak ZIP encryption types, pivoting...
Kerberos 102 - Delegation
[Part 1] - Kerberos 102 - Overview [Part 2] - Kerberos 102 - Delegation [Part 3] - Kerberos 102 - Cross-Realm Operations Overview Kerberos delegation is a feature in the Kerberos authentication...
Kerberos 102 - Cross-Realm Operations
[Part 1] - Kerberos 102 - Overview [Part 2] - Kerberos 102 - Delegation [Part 3] - Kerberos 102 - Cross-Realm Operations Overview Kerberos cross-realm authentication is a mechanism that enables...
Kerberos 102 - Overview
In this blog post, I’m sharing a compilation of my notes that I took while trying to understand Kerberos and address my own questions. I didn’t conduct any original research, but instead, I reviewe...
Multiple vulnerabilities in the belloo dating script 4.2.7.7
According to the official site, Belloo (other possible names are premiumdatingscript, lindoo, social match) is a “High quality dating software with incredible out of the box ready-to-use function...
HackTheBox - Monitors | Writeup
Overview Monitors is defined as a hard-difficulty box: a lot of enumeration, 3 real-world CVEs and docker container privilege escalation at the end. Notes Sometimes information from public e...
HackTheBox - Cap | Writeup
Overview Cap is a low-difficulty box. The exploitation and privilege escalation parts are pretty straightforward. Attention to detail and basic knowledge about Linux file capabilities are all tha...
Building a docker service honeypot
Building a Docker Service Honeypot Introduction One of the well-known misconfigurations for Docker is exposure of the control API. By default, the Docker client (CLI) communicates with the daemon u...