Registry CTF Writeup The challenge calls for the exploitation of various security weaknesses, including the use of default credentials, exposure of sensitive information through docker images, and cracking of database passwords to gain unauthorized access. Additionally, it tests our ability to perform both horizontal and vertical privilege escalations by exploiting system misconfigurations and known software […]
Jarvis CTF Writeup Jarvis CTF Jarvis is a medium-level Linux challenge featuring a web server with SQL injection vulnerability. Exploiting this leads to initial access. Privilege escalation involves executing a script as another user and exploiting an SUID bit set on systemctl to gain root access. HackTheBox Hack The Box gives individuals, businesses and universities
Haircut CTF Writeup Writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Haircut CTF from HackTheBox. Haircut CTF Haircut CTF touches on several useful attack vectors. Most notably, this machine demonstrates the risk of user-specified CURL arguments, which still impacts many active services today. HackTheBox Hack The Box
SolidState CTF Writeup Writeup presented by Behind Security as part of the Road to OSCP series, focusing on the SolidState CTF from HackTheBox. SolidState CTF SolidState is a medium difficulty machine that requires chaining of multiple attack vectors in order to get a privileged shell. HackTheBox Hack The Box gives individuals, businesses and universities the
Poison CTF Writeup Writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Poison CTF from HackTheBox. Poison CTF Poison CTF is a machine which focuses mainly on log poisoning and port forwarding/tunneling. The machine is running FreeBSD which presents a few challenges for novice users as many common
Cronos CTF Writeup This is a writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Cronos CTF from HackTheBox. Cronos CTF Cronos CTF focuses mainly on different vectors for enumeration and also emphasizes the risks associated with adding world-writable files to the root crontab. HackTheBox Hack The Box
Popcorn CTF Writeup This is a writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Popcorn CTF from HackTheBox. Popcorn CTF Popcorn, while not overly complicated, contains quite a bit of content and it can be difficult for some users to locate the proper attack vector at first.
Netmon CTF Writeup This is a writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Netmon CTF from HackTheBox. The writeup takes the form of a pentest report. Netmon CTF Netmon is an easy difficulty Windows box with simple enumeration and exploitation. PRTG is running, and an FTP
Optimum CTF Writeup This is a writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Optimum CTF from HackTheBox. The writeup takes the form of a pentest report. Optimum CTF Optimum is a beginner-level machine which mainly focuses on enumeration of services with known exploits. HackTheBox Hack The
Hawk CTF Writeup This is a writeup presented by Behind Security as part of the Road to OSCP series, focusing on the Hawk CTF from HackTheBox. The writeup takes the form of a detailed pentest report. Hawk CTF Hawk CTF is a medium to hard difficulty machine, which provides excellent practice in pentesting Drupal. The
