XSS, Tab Nabbing & Rust Reversing – Developer @ HackTheBox
xct2022-06-14T08:32:17+00:00We are going to solve Developer, a pretty hard Linux machine on HackTheBox. It involves Cross-Site-Scripting, Tab Nabbing & reversing a rust binary.
About Kerberos Silver Tickets
xct2022-02-17T10:29:07+00:00I always had difficulties understanding what Silver Tickets are and how they are used. Maybe this comes from the fact that they are rarely seen in labs. They can be really powerful though, so I'll be trying my best to describe my understanding of them in this post.
Command Injection & Path Hijacking – Previse @ HackTheBox
xct2022-01-08T14:10:59+00:00We are solving Previse, an easy linux machine on HackTheBox that involves a Command Injection & Path Hijacking.
Lab – Lustrous Walkthrough
xct2023-08-03T19:45:52+00:00This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab.
Lab – Exploiting Log4Shell (CVE-2021-44228)
xct2022-07-27T07:01:57+00:00On December 10th 2021 the Log4Shell vulnerability, a "0-day" exploit in log4j2 appeared on Twitter. In this post, we will explore how to exploit it with LDAP in a lab environment.
Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice
xct2021-12-04T17:39:59+00:00We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes. For root, we will abuse GPO Permissions and explore 2 unintended privilege escalations.