writeups 18

• Breaking Down Servmon - Exploiting CVE-2019-20085 and Innovating Privesc with NSClient++ API Apr 15, 2024
• SQL Injection to System Domination - A Journey through HTB's Toolbox Machine Apr 13, 2024
• Driver - Exploiting SCF files for Credential Theft and PrintNightmare for Privilege Escalation Apr 8, 2024
• Exploring Return - Leveraging a Network Printer, Exploiting SeBackupPrivilege and Server Operator Group Apr 4, 2024
• Unlocking Timelapse - A Journey Through WinRM, Credential Reuse, and LAPS Apr 2, 2024
• Exploring Sandworm - SSTI, Sandbox Bypass, and Firejail Root Exploit for Privilege Escalation Nov 4, 2023
• Cracking Clicker - NFS Enumeration, Broken Access Control, RCE via File Write, and Privilege Escalation via Environment Variables Oct 28, 2023
• Analytical HackTheBox Writeup - Metabase Pre auth RCE and Gameoverlay Ubuntu Privilege Escalation Oct 21, 2023
• A tale of finding an interesting XSS vulnerability Aug 14, 2023
• From Default Credentials to Full Control - Unraveling MonitorsTwo on HackTheBox Aug 6, 2023
• Pilgrimage HTB - Unmasking the Path - Git Exposure, CVE Exploits, and Complete Control Aug 5, 2023
• Solving the Sau Mystery - A Thrilling HTB Machine Walkthrough Aug 2, 2023
• SSTI - Hacking Templates and Unleashing Server-Side Power Aug 1, 2023
• Stocker - HackTheBox Jan 21, 2023
• Soccer - HackTheBox Dec 29, 2022
• Neonify - Web challenge - HackTheBox Dec 26, 2022
• Precious - HackTheBox Dec 23, 2022
• C.O.P - Web challenge - HackTheBox Dec 21, 2022