Disclosing Froxlor V2.x Authenticated RCE as Root Vulnerability via PHP-FPM
A story of a vulnerability in Froxlor that allowed authenticated remote code execution as root. This vulnerability exists on the latest version of Froxlor, including v2.x.
A story of a vulnerability in Froxlor that allowed authenticated remote code execution as root. This vulnerability exists on the latest version of Froxlor, including v2.x.
Performing a compromise assessment on a Linux host and identifying the attack footprints.
Extracting NTLM hashes from a memory dump and decrypting SMB3 traffic to find the flag.
Learning how to exploit CVE-2023-23752 and identify the vulnerability in the Joomla website.
Extracting sensitive information from the Docker Registry and exploiting Server-Side Template Injection.
JSON Web Tokens challenges from CryptoHack
Local Storage manipulation to escalate privileges
Extracting Chrome credentials that were encrypted with DPAPI.
Creating a custom profile for Volatility to analyze a memory dump.
Investigating a compromised Linux machine.