Blind RCE and DNS Exfilteration
Description: I was doing a security testing against a web server running WebLogic. A potential RCE due to CVE-2019-2725 was reported and I was verifying it. I was following the PoC given here.
Recent posts
Hack The Box - Tabby Writeup
Hack The Box - Tabby
Hack The Box - Doctor Writeup
Hack The Box - Doctor
Hack The Box - Forest Writeup
Description: Forest is a easy level box that can be really helpful to practice some AD related attacks. Although rated as easy, it was a medium box for me considering that all attack vectors where pretty new to me.
Hack The Box - Buff Writeup
Hack The Box - Buff
Hack The Box - Remote Writeup
Hack The Box - Remote
Hack The Box - Poison Writeup
Description: This a medium rated freebsd machine. Easy user shell and an interesting privilege escalation vector.
Hack The Box - Irked Writeup
Description: Easy rated linux machine. Good box to learn some stego and also good for practicing privilege escalation for OSCP.
Hack The Box - Bastard Writeup
Description: Medium rated windows box running Drupal 7. This box provides a very good learning experience for OSCP.
Hack The Box - Granny Writeup (without MSF)
Description: This is an easy rated box but was kind of a medium easy box for me. Doing this box without metasploit as part of my OSCP preparation.