Clik here to view.
Multiple Files to Capture NTLM Hashes: NTLM Theft
IntroductionOften while conducting penetration tests, attackers aim to escalate their privileges. Be it Kerberoasting or a simple lsass dump attack, stealing NTLM hashes always tops off the list of...
View ArticleClik here to view.
HackTheBox Toolbox Walkthrough
IntroductionToolbox is a CTF Windows box with difficulty rated as “easy” on HackTheBox platform. The machine covers SQL injections, gaining interactive shell, escaping container and escalating...
View ArticleClik here to view.
Previse HackTheBox Walkthrough
IntroductionPrevise is a CTF Linux box with difficulty rated as “easy” on the HackTheBox platform. The machine covers bypassing access control, OS command injection, hash cracking, privilege escalation...
View ArticleClik here to view.
DailyBugle TryHackMe Walkthrough
IntroductionDailyBugle is a CTF Linux box with difficulty rated as “medium” on the TryHackMe platform. The machine covers Joomla 3.7.0 SQL injection vulnerability and privilege escalation using yum....
View ArticleClik here to view.
Writer HackTheBox Walkthrough
Writer HackTheBox WalkthroughIntroductionWriter is a CTF Linux box with difficulty rated as “medium” on the HackTheBox platform. The machine covers SQL injection vulnerability and privilege escalation...
View ArticleClik here to view.
Hackable: 3 VulnHub Walkthrough
Hackable: 3, Vulnhub medium machine was created by Elias Sousa and can be downloadedhere.This lab is designed for experienced CTF players who want to put their abilities to the test. We used the...
View ArticleClik here to view.
Intelligence HacktheBox Walkthrough
IntroductionIntelligence is a CTF Windows box with difficulty rated as “medium” on the HackTheBox platform. The machine covers OSINT, AD attacks, and silver ticket for privilege escalation.Table of...
View ArticleClik here to view.
Corrosion: 2 VulnHub Walkthrough
Proxy Programmer's Corrosion: 2 is a Vulnhub medium machine. We can download the lab from here. This lab is designed for experienced CTF players who want to put their abilities to the test in a variety...
View ArticleClik here to view.
Process Ghosting Attack
IntroductionGabriel Landau released a post on Elastic Security here which talks about a technique through which antivirus evasion was found to be possible. The technique deals with creating a ghost...
View ArticleClik here to view.
Forge HackTheBox Walkthrough
IntroductionForge is a CTF linux box rated “medium” on the difficulty scale on HackTheBox platform. The box covers subdomain enumeration, SSRF attacks and basic reverse engineering of python script for...
View ArticleClik here to view.
Domain Persistence: Golden Certificate Attack
IntroductionSecurity analysts who have some knowledge about Active Directory and pentesting would know the concept of tickets. Kerberos, the default authentication mechanism in an AD, uses ticket-based...
View ArticleClik here to view.
Linux Privilege Escalation: Polkit CVE 2021-3560
IntroductionAccording to Red Hat, “Polkit stands for PolicyKit which is a framework that provides an authorization API used by privileged programs.” Pkexec is a tool in PolicyKit or polkit that allows...
View ArticleClik here to view.
Anubis HackTheBox Walkthrough
IntroductionAnubis is an “insane” level CTF box available on HackTheBox platform designed by 4ndr34z. The box covers real life scenario of initial exploitation by uploading ASP webshell, breaking out...
View ArticleClik here to view.
Domain Persistence: Computer Accounts
IntroductionOften while configuring Active Directories, system admins don’t recognize the harm that comes with allowing a local administrator account on a system assigned to a particular user....
View ArticleClik here to view.
Linux Privilege Escalation: PwnKit (CVE 2021-4034)
IntroductionTeam Qualys discovered a local privilege escalation vulnerability in PolicyKit’s (polkit) setuid tool pkexec which allows low-level users to run command as privileged users. According to...
View ArticleClik here to view.
Horizontall HackTheBox Walkthrough
IntroductionHorizontall is an “easy” rated CTF Linux box on Hack The Box platform. The box covers initial compromise by exploiting Strapi RCE vulnerability and escalating privileges by tunneling an...
View ArticleClik here to view.
Windows Privilege Escalation: SpoolFool
Windows Privilege Escalation: SpoolFoolIntroductionOliver Lyak posted a writeup about a Windows Privilege Escalation vulnerability that persisted in Windows systems even after patching of previous...
View ArticleClik here to view.
Windows Privilege Escalation: PrintNightmare
IntroductionPrint Spooler has been on researcher’s radar ever since Stuxnet worm used print spooler’s privilege escalation vulnerability to spread through the network in nuclear enrichment centrifuges...
View ArticleClik here to view.
Domain Escalation: PetitPotam NTLM Relay to ADCS Endpoints
IntroductionWill Schroeder and Lee Christensen wrote a research paper on this technique which can be referred to here. In ESC8 technique mentioned in the research paper, they talked about an inherent...
View ArticleClik here to view.
Windows Persistence: Shortcut Modification (T1547)
IntroductionAccording to MITRE, “Adversaries may configure system settings to automatically execute a program during system boot or logon to maintain persistence or gain higher-level privileges on...
View Article