Writing
Thoughts on development, security, CTF and everything in between.
TryHackMe: Ollie
Begin with strange port and gain credentials from it, then using the creds to logs in on the web, after that chaining multiple vulnerability to gain reverse shell
TryHackMe: Olympus
Begin with SQL Injection then found another domain and gain reverse shell from webshell, after that looking for suid for privilege escalation and found interesting file with Zeus's group in it.
TryHackMe: Brute
Bruteforcing mysql creds then use it logs in on the web after that use log poisoning to gain shell the escalate privilege to another user and root
TryHackMe: VulnNet: Endgame
Begin with given static web then enumerate subdomains and found another, gain admin CMS credentials using sqlmap then upload reverse shell to CMS and gain shell after that decrypting .mozilla folder to gain another user shell
TryHackMe: DX1: Liberty Island
Got hint from robots.txt then enumerate the path and found another hint to gain VNC password and then sniffing executable file using wireshark and got root permission.