HackTheBox
HTB Bastion: Mounting Secrets from the Past
Windows machine walkthrough: SMB share enumeration, VHD file mounting for SAM credential extraction, and privilege escalation via mRemoteNG password decryption.
Articles
HackTheBox
HTB Curling: Joomla RCE to Curl Config File Abuse
Joomla CMS exploitation for initial access through admin panel takeover, followed by Linux privilege escalation via curl configuration file abuse.
HackTheBox
HTB Beep: LFI to Root via Nmap Binary Exploitation
Elastix PBX exploitation via local file inclusion to extract credentials, then multiple paths to root including Nmap interactive mode abuse.
HackTheBox
HTB Irked Writeup: UnrealIRCd Backdoor to Root via SUID Abuse
Exploiting the UnrealIRCd 3.2.8.1 backdoor for initial shell access, then escalating to root through a custom SUID binary on Linux.
CTF Writeups
HTB Cicada: From Password Spraying to Token Abuse
Active Directory machine: password spraying for initial foothold, LDAP enumeration, and domain admin access through SeBackupPrivilege token abuse.
CTF Writeups
HTB Bank: Chasing Balance Transfers to Root Shell
DNS enumeration reveals a hidden banking application. File upload restriction bypass for webshell access, then root via writable SUID binary.