Tag: Walkthrough

This medium level machine features a Gila CMS vulnerable to Authenticated Remote Code Execution. We exploit this manually to gain a reverse shell. We then move laterally to another low privileged user to get deeper into the machine. Finally, we escalate to root by abusing cron wildcards. Find m...

Overview SecNotes is a retired HTB machine, which means that it is no longer available for active penetration testing. This walkthrough is designed to help you understand the steps and techniques used to exploit this machine. SecNotes is a Windows-based machine running various services on differe...

Before starting make sure your Kali & Butler machines are on the same network. Butler should be configured with DHCP. To find the IP address lets use arp-scan. arp-scan -l Interface: eth0, type: EN10MB, MAC: 00:0c:29:b6:2b:dd, IPv4: 192.168.100.254 Starting arp-scan 1.10.0 with 256 hosts ...

Introduction This article aims to walk you through Relevant box produced by The Mayor and hosted on TryHackMe. Anyone who has access to TryHackMe can try to pwn this Windows box, this is an intermediate and fun box. The creator of this box wants a...