tag

Linux

134 posts
machinemachine

MagicGardens

Linux+1

MagicGardens: turn the exposed service into a shell, pivot through the container boundary, and escalate to root.

machinemachine

Compiled

Windows+2

Compiled: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

machinemachine

Union

Linux

Union: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

machinemachine

Jarmis

Windows+1

Jarmis: use CVE-2021-38647 where it fits the service, gain a shell, and escalate to root.

machinemachine

Lantern

Linux

Lantern: use CVE-2022-38580 where it fits the service, gain a shell, and escalate to root.

machinemachine

Resource

Linux+1

Resource: turn the exposed service into a shell, pivot through the container boundary, and escalate to root.

machinemachine

YPuffy

Windows+4

YPuffy: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

machinemachine

Brains

TryHackMe+1

Brains: use CVE-2024-27198 where it fits the service, gain a shell, and escalate to root.

machinemachine

Help

Windows+3

Help: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

notesnotes

BloodHound

Bloodhound+3

BloodHound: collect BloodHound data, read the AD graph, and prioritize attack paths.

machinemachine

GoodGames

Linux+1

GoodGames: turn the exposed service into a shell, pivot through the container boundary, and escalate to root.

machinemachine

Valentine

Linux

Valentine: use CVE-2014-0160 and CVE-2016-5195 where it fits the service, gain a shell, and escalate to root.

machinemachine

Yummy

Linux

Yummy: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

machinemachine

EvilCUPS

Linux

EvilCUPS: use CVE-2024-47076 and CVE-2024-47175 where it fits the service, gain a shell, and escalate to root.

machinemachine

Prioritise

TryHackMe+1

Prioritise: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

machinemachine

Pyrat

TryHackMe+1

Pyrat: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

machinemachine

Cicada

Windows+5

Cicada: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

machinemachine

Gobox

Linux

Gobox: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

notesnotes

Chisel

SSH+2

Chisel Forwarding: fix SSH configuration and permissions so remote access works predictably.

machinemachine

Bashed

Linux

Bashed: enumerate the services, turn the exposed weakness into a shell, and escalate to root.

machinemachine

Shocker

Linux

Shocker: use CVE-2014-6271 where it fits the service, gain a shell, and escalate to root.

machinemachine

TwoMillion

Linux

TwoMillion: use CVE-2023-0386 where it fits the service, gain a shell, and escalate to root.

machinemachine

Soccer

Windows+3

Soccer: enumerate the AD surface, abuse the exposed credential or delegation path, and escalate to Administrator.

machinemachine

GreenHorn

Linux

GreenHorn: use CVE-2023-50564 where it fits the service, gain a shell, and escalate to root.