Down

This post is a walkthrough of the Hack The Box (originally a VulnLab box) room Down. Intro: Down is an easy Linux box created originally for Vulnlabs. Hack The Box recently acquired Vulnlabs and are starting to make the machines available. You will need a HTB VIP+ account to access these boxes. From SSRF to Root: A Step-by-Step Breakdown of a Web App Exploitation Chain. In this penetration testing engagement, we began by discovering a Server-Side Request Forgery (SSRF) vulnerability, which led us to a Local File Inclusion (LFI) flaw. Exploiting the LFI, we extracted the source code of the web application, revealing a hidden “expertmode” feature designed to check open ports using netcat. ...

June 26, 2025 at 08:40 GMT · 13 min
Red vs Blue

THM | Red | Easy

This post is a walkthrough of the Try Hack Me room Red. Intro: Red is a TryHackMe room created by readysetexploit which was inspired by TryHackMe’s King of the Hill. The theme of this machine is a battle between red and blue in which we try to navigate red’s defense mechanisms in order to take back the machine. We start by finding a web server that is vulnerable to Local File Inclusion. We use it to read blue’s history file in order to create a password list. We gain access to the server and find that we can edit the hosts file so that a reverse shell that is being executed by red points to us. We then make use of the PwnKit exploit in order to get root and defeat red. Although it seems pretty straightforward, red’s defenses add a layer of complexity that can irritate even the most seasoned player. ...

July 16, 2023 at 21:13 GMT · 7 min
Intranet

THM | Intranet | Medium

This post is a walkthrough of the Try Hack Me room Intranet. Intro: The web application development company SecureSolaCoders has created their own intranet page. The developers are still very young and inexperienced, but they ensured their boss (Magnus) that the web application was secured appropriately. The developers said, “Don’t worry, Magnus. We have learnt from our previous mistakes. It won’t happen again”. However, Magnus was not convinced, as they had introduced many strange vulnerabilities in their customers’ applications earlier. ...

July 18, 2023 at 20:53 GMT · 12 min