HackTheBox - Schooled
Moodle exploitation using CVEs
Moodle exploitation using CVEs
Exploiting the backdoor planted in PHP 8.1-dev
Abusing JWT key identifier and breaking out of a Docker container
Deserialization attack on YAML and reversing web assembly
Code execution with path traversal
Pwning Drupal 7 CMS with Drupalgeddon and abusing Snap with malicious snap package
Hands on with ShellShock vulnerability
Getting password from automatic login script of ChromeOS
This is a machine that allows you to practise web app hacking and privilege escalation
Friendly PHP insecure deserialization attack and race condition
Exploiting exploitation tools and command injection in a log file
DC-9 from VulnHub features a website that is vulnerable to SQL injection. I’m able to dump a bunch …
DC-6 starts off by enumerating usernames from a WordPress website and use a brute-force attack …
Example of a phishing attack and PyPI package exploitation
Exploiting OpenNetAdmin vulnerability and sudo nano