Blog

CyberSecLabs – “Shares” Walkthrough

Shares from CyberSecLabs is a interesting beginner box in that there’s very little actual exploitation. No reverse shells, no payloads and we also won’t be using any automated tools for enumeration during privilege escalation. What we will be doing is taking advantage of a open share containing a user’s home directory with everything that entails. … Continue reading “CyberSecLabs – “Shares” Walkthrough”

CyberSecLabs – “Deployable” Walkthrough

Deployable from CyberSecLabs is a beginner level box where we’ll explore a default Apache Tomcat installation for initial access. Then use winPEAS to enumerate the box and find the privilege escalation path by exploiting a vulnerable Windows service. Let’s get started. Deployable’s IP address is 172.31.1.13. Scanning and Enumeration As per usual we start with … Continue reading “CyberSecLabs – “Deployable” Walkthrough”

CyberSecLabs – “Boats” Walkthrough

Boats from CyberSecLabs is a beginner Windows box hosting a web server. I’ll demonstrate two different methods of exploitation. First we exploit a insecure phpMyAdmin install, and second we take advantage of a WordPress plugin Remote File Inclusion vulnerability. Boats IP address is 172.31.1.14. Scanning I start with a Nmap scan running default scripts with … Continue reading “CyberSecLabs – “Boats” Walkthrough”

Loading…

Something went wrong. Please refresh the page and/or try again.


Follow My Blog

Get new content delivered directly to your inbox.