TryHackMe
ConvertMyVideo - TryHackMe Writeup
This room exploits an open-source Youtube video download tool using an interesting injection method. It also includes some common linux privilege escalation methods.
Tomghost - TryHackMe Writeup
This room covers the famous Ghostcat CVE vulnerability to gain an initial access shell on the remote machine alongside an interesting ASC and GPG privilege escalation technique.
Anonymous - TryHackMe Writeup
This room exploits a vulnerable FTP port left open, exposing a script that can be overwritten. Privilege escalation is also included using the famous GTFOBins to gain a root shell.
LazyAdmin - TryHackMe Writeup
Lazy admins are a hacker’s best friend. This room includes using the SweetRice exploit, peering into an unsecured MySQL backup, and a priv esc tactic of rewriting a script file.
Ultratech - TryHackMe Writeup
You have been contracted by UltraTech. It’s a grey-box kind of assessment. The only information you have is the company's name and their server's IP address.
Daily Bugle - TryHackMe Room
In this room, we will compromise a Joomla CMS account via SQL Injection, practice cracking hashes and escalate your privileges by taking advantage of yum with sudo privileges.
Skynet - TryHackMe Room Writeup
In this room, we will cover using Gobuster on a website, using SMBclient and SMBMap to enumerate shares and exploiting a CMS RFI vulnerability as well as wildcard privilege escalation.
GameZone- TryHackMe Room Writeup
In this room, we will cover SQLi and how to exploit it both manually and via using SQLMap, cracking hashes, using SSH tunnels and Metasploit.
Alfred - TryHackMe Room Writeup
In this room, you’ll learn how to exploit a common misconfiguration on a widely used automation server - Jenkins - which is used to create continuous integration/continuous development pipelines.
Kenobi - TryHackMe Room Walkthrough
In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables
Basic Pentesting - TryHackMe Room
In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables
Vulnversity - TryHackMe Room
In this room, we will walk through a basic machine using various techniques from scanning with nmap, directory busting with Gobuster and utilizing some privilege escalation techniques.
Linux Privilege Escalation
In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables
Common Linux Privilege Escalation
In this room, we will give an introduction to some common linux privilege escalation techniques such as SUID/GUID files, /etc/passwd file, and crontabs