Introduction In this walkthrough, I worked on an intermediate-level Linux machine. Port 80 was open, and while exploring it, I discovered a virtual host running the Simple Online Planning Tool v1....

Introduction In this walkthrough, I identified that ports 22 and 80 were open on the target machine. Navigating to port 80, I discovered a phpinfo.php page, which disclosed the SPX version and its...

Introduction In this walkthrough, I tackled Jarvis, a medium-difficulty Linux machine. It starts with a web server that includes DoS and brute-force protection mechanisms. By identifying a manuall...

Introduction In this walkthrough, I tackled Return, an easy Windows machine that featured a network printer administration panel. During enumeration, I discovered the panel stored LDAP credentials...

192.168.219.166 Introduction In this guide, I exploited a Local File Inclusion (LFI) vulnerability in a vulnerable WordPress plugin to interact with a locally running Redis service. By chaining t...

Introduction In this walkthrough, I worked on Vmdak, an intermediate-rated Linux machine on PG Practice. Initial enumeration revealed port 9443 running a Prison Management System (PMS). Through on...

Introduction In this walkthrough, I tackled the Remote machine, an easy Windows box. During initial enumeration, I discovered a world-readable NFS share which contained Umbraco CMS credentials. Us...

Introduction In this walkthrough, I worked on the intermediate Linux machine Ochima from PG Practice. During initial enumeration, I discovered that port 8338 was open and hosting Maltrail v0.52. I...

Introduction In this walkthrough, I tackled Access, an easy-level Windows machine that demonstrates how devices tied to physical security can have poor digital security hygiene. I started by conne...

Introduction In this walkthrough, I tackled Flight, a challenging Windows machine that begins with a web application hosted on two virtual domains. I discovered that one of the virtual hosts was v...