Linux

Initial is by doing a SQLI to bypass login. And File Upload Vulnerability, from there we can get a shell and find user creds in SQL database. And root is by path hijack attack.

This box includes tons of enumeration and Initial is by exploiting OAuth by authoring the administrator and create our own application and get admin session ID and grab ssh key of the user. And then …

Getting Initial is by gathering usernames from Finger service and gusesing the password gives use user shell and We need to find backup shadow file to get user sammy’s password and privilege …

Getting Initial is by finding a vulnerable wordpress plugin and Privilege Escalation is exploiting a Custom script. Its really a fun box.

Book is an Medium Linux Box, Getting Initial is login as admin by sql truncation method and then further exploiting it by Reflected XSS and getting user ssh keys. And Root is exploiting Logrotate, …