In this walk through, we will be going through the Codo room from Proving Grounds. This room is rated as Easy on the platform and it consists of exploitation via Codoforum RCE exploit to get the initial foothold and dumping of DB password stored in config file to get root. So, let’s get started without […]
In this walk through, we will be going through the Cockpit room from Proving Grounds. This room is rated as Intermediate on the platform and it consist of SQL Injection authentication bypass in order to get initial access on to the server. For privilege escalation, we have sudo misconfiguration for tar binary where wildcard injection
In this walk through, we will be going through the Clue room from Proving Grounds. This room is rated as Hard on the platform and it consists of chaining of two service related exploits in order to get the initial foothold. For the privilege escalation part, it require exploitation of sudo misconfiguration on cassandra-web binary.
In this walk through, we will be going through the Boolean room from Proving Grounds. This room is rated as Intermediate on the platform and it consist of exploitation bypassing of account confirmation implementations in user account creation along with the chaining of directory traversal and file upload vulnerability to get initial access. For the
In this walk through, we will be going through the BlackGate room from Proving Grounds. This room is rated as Hard on the platform and it consist of exploitation of redis server RCE exploitation to get an initial shell followed by the exploitation of redis-status binary to get root. So, let’s get started without any
In this walk through, we will be going through the AuthBy room from Proving Grounds. This room is rated as Intermediate on the platform and it consists of extensive FTP enumeration to get initial foothold. For privilege escalation, it requires exploitation with a MS11-06 kernel exploit to get root. So, let’s get started without any
In this walk through, we will be going through the Astronaut room from Proving Grounds. This room is rated as Easy on the platform and it consist of exploitation of CVE-2021-21425 in Grav CMS to get initial foothold and then require abuse of unknown SUID binary to get root. So, let’s get started without any
In this walk through, we will be going through the Amaterasu room from Proving Grounds. This room is rated as Easy on the platform and it consists of exploitation via Python File Server API to get the initial access. For privilege escalation, Path Hijacking is required to get root. So, let’s get started without any
In this walk through, we will be going through the Algernon room from Proving Grounds. This room is rated as Easy on the platform and it consists of SmarterMail RCE to get root. So, let’s get started without any delay. Machine Info: Title Algernon IPaddress 192.168.166.65 Difficulty Easy OS Windows Description Algernon is an Easy
In this walk through, we will be going through the Access room from Proving Grounds. This room is rated as Intermediate on the platform and it consists of a new technique to bypass extension filtering in Upload functionalities to get initial foothold. For the lateral movement, Kerberoasting is required of a target account and privilege
