
Return
Introduction In this walkthrough, I tackled Return, an easy Windows machine that featured a network printer administration panel. During enumeration, I discovered the panel stored LDAP credentials...
192.168.219.166 Introduction In this guide, I exploited a Local File Inclusion (LFI) vulnerability in a vulnerable WordPress plugin to interact with a locally running Redis service. By chaining t...
Introduction In this walkthrough, I worked on Vmdak, an intermediate-rated Linux machine on PG Practice. Initial enumeration revealed port 9443 running a Prison Management System (PMS). Through on...
Introduction In this walkthrough, I tackled the Remote machine, an easy Windows box. During initial enumeration, I discovered a world-readable NFS share which contained Umbraco CMS credentials. Us...
Introduction In this walkthrough, I worked on the intermediate Linux machine Ochima from PG Practice. During initial enumeration, I discovered that port 8338 was open and hosting Maltrail v0.52. I...
Introduction In this walkthrough, I tackled Access, an easy-level Windows machine that demonstrates how devices tied to physical security can have poor digital security hygiene. I started by conne...
Introduction In this walkthrough, I tackled Flight, a challenging Windows machine that begins with a web application hosted on two virtual domains. I discovered that one of the virtual hosts was v...
Introduction In this walkthrough, I explore Arctic, an easy-level Windows machine with a relatively simple exploitation path. I began by analyzing the web server’s behavior and pinpointing a vulne...
Introduction In this walkthrough, we target a support ticketing system running on the machine, which uses default credentials. After logging in, we discover cleartext credentials within the interf...
Introduction In this walkthrough, we exploit the target by abusing an API functionality in a web application that lacks proper input validation. This flaw allows us to upload and execute a malicio...