Machine Author(s): MrR3boot Difficulty: Hard Part 1: Enumeration & Foothold Enumeration Nmap finds 3 opened TCP ports 22(ssh) ,80(http) and 8080(http) The hosts seems to be ubuntu. [Jan 23, 20...

Machine Author(s): ruycr4ft & kavigihan Description: This machine is a Medium linux machine, The machine is exploited by taking advantage of an Sql injection Vulnerability, which when leverage...

La programmation au niveau kernel représente l’un des domaines les plus fascinants et techniques de l’informatique. Récemment, j’ai eu l’opportunité de plonger dans cet univers complexe à travers u...

Description: This machine I made takes advantage of misconfigurations in file uploads, LFI exploitation, and Linux privilege misconfigurations, simulating an environment where attackers discover c...

Description Topology starts with a website for a Math department at a university with multiple virtual hosts. One has a utility for turning LaTeX text into an image. I’ll exploit an injection to ge...

Description PC starts with only SSH and TCP port 50051 open. I’ll poke at 50051 until I can figure out that it’s GRPC, and then use grpcurl to enumerate the service. I’ll find an SQL injection in t...

Machine Author(s): FistMatHAck Description: This machine is a Easy linux machine, The machine is exploited by taking advantage of a vulnerability in the pymatgen library, where the JonesFaithfu...

Introduction PHP Object Injection vulnerabilities are frequently found in web applications. If successfully exploited they let attackers run arbitrary code and take advantage of vulnerabilities in ...