Command-injection

Sep 28, 2022  ·  12 min read

HackTheBox - Secret

Secret starts with analyzing web source to recover a secret token from older commit. The secret is …

Linux Core-Dump JWT Go
Oct 18, 2021  ·  12 min read

HackTheBox - Dynstr

Dynstr imitates a company that offers a Dynamic DNS service. The provided API for this service is …

Linux DNS Command-Injection Wildcard-Injection
Oct 09, 2021  ·  11 min read

H@cktivitycon 2021 - Web

Another late CTF writeups for H@cktivitycon 2021 web category.

Default-Credentials SSRF Command-Injection CRLF
Oct 04, 2021  ·  9 min read

H@cktivitycon 2021 - Misc

This is my late CTF writeups for H@cktivitycon 2021 miscellaneous category.

Command-Injection Redis Arbitrary-File-Write
Aug 06, 2021  ·  9 min read

HackTheBox - Traverxec

Code execution with path traversal

Linux Nostromo Command-Injection Metasploit
Jul 10, 2021  ·  10 min read

HackTheBox - Atom

Supplying a malicious update definition to Electron-updater

Windows Electron-Builder Electron-Updater Command-Injection
Jun 26, 2021  ·  10 min read

HackTheBox - Spectra

Getting password from automatic login script of ChromeOS

Linux Chrome-OS WordPress Directory-Listing
May 30, 2021  ·  8 min read

VulnHub - DC-6

DC-6 starts off by enumerating usernames from a WordPress website and use a brute-force attack …

Linux WordPress Command-Injection CVE-2018-15877
May 15, 2021  ·  9 min read

HackTheBox - Ready

Turns SSRF to remote code execution and escape from a Docker container

Linux GitLab CVE-2018-19571 CVE-2018-19585
May 08, 2021  ·  8 min read

HackTheBox - Doctor

Seven times seven is equal to SSTI

Linux Command-Injection SSTI Splunk