CTF Writeups
HTB Blocky
Minecraft server enumeration, Java JAR plugin decompilation revealing hardcoded database credentials, and trivial root access via sudo su.
Latest research
CTF Writeups
HTB Keeper Writeup: How a Danish Dessert Unlocked Root Access
Request Tracker default credentials for initial access, then KeePass crash dump memory analysis (CVE-2023-32784) to extract the root SSH key.
CTF Writeups
HTB Knife: PHP 8.1.0-dev Supply Chain Backdoor RCE to Root
Exploiting the PHP 8.1.0-dev supply chain backdoor via User-Agentt header for RCE, then root through knife binary sudo privilege on Linux.
CTF Writeups
HTB Broker Writeup
Apache ActiveMQ CVE-2023-46604 deserialization RCE for initial shell, then root via nginx sudo misconfiguration allowing config overwrite.
AI Security
My C-AI/MLPen Exam Journey
Detailed walkthrough of the C-AI/MLPen certification exam — preparation strategy, exam format, key challenges, and practical tips for AI/ML penetration testing.
CTF Writeups
HTB Bashed Writeup: From phpbash WebShell to Root via Cron Job Abuse
Discovering phpbash webshell on Apache, lateral movement to scriptmanager user, then root access by abusing a Python cron job on Linux.