Blind RCE and DNS Exfilteration
Description: I was doing a security testing against a web server running WebLogic. A potential RCE due to CVE-2019-2725 was reported and I was verifying it. I was following the PoC given here.
Description: I was doing a security testing against a web server running WebLogic. A potential RCE due to CVE-2019-2725 was reported and I was verifying it. I was following the PoC given here.
Hack The Box - Tabby
Hack The Box - Doctor
Description: Forest is a easy level box that can be really helpful to practice some AD related attacks. Although rated as easy, it was a medium box for me considering that all attack vectors where pretty new to me.
Hack The Box - Buff
Hack The Box - Remote
Description: This a medium rated freebsd machine. Easy user shell and an interesting privilege escalation vector.
Description: Easy rated linux machine. Good box to learn some stego and also good for practicing privilege escalation for OSCP.
Description: Medium rated windows box running Drupal 7. This box provides a very good learning experience for OSCP.
Description: This is an easy rated box but was kind of a medium easy box for me. Doing this box without metasploit as part of my OSCP preparation.