In this machine we need to do some experimenting to avoid Windows Defender and figure out how to run a Python exploit when Python isn’t installed.
Date
4 years ago
Views
189 Views
Reading Time
< 1 Min Read
An interesting box sitting on the ELK (ElasticSearch, Logstash & Kibana) stack with a slant for the CTF side, but a very good introduction to those technologies.
Date
5 years ago
Views
179 Views
Reading Time
5 Mins Read
Despite the “Easy” tag, La Casa de Papel was an elaborate box. A vulnerable service leads to an unusual, limited PHP shell which allows us to generate our own signed certificates to access a specific part of the site. From there, a local file inclusion lets us acquire SSH credentials and then escalate to root via a misconfiguration.
Date
5 years ago
Views
168 Views
Reading Time
8 Mins Read
A fairly straightforward machine, Lightweight lets us explore an insuficiently secured LDAP environment, where we intercept credentials by listening in to the network device. It also leads down the path of Linux capabilities, to find an openssl binary which can do far more than it should.
Date
6 years ago
Views
170 Views
Reading Time
3 Mins Read
