Hack The Box - Cache
We are going to pwn Cache from Hack The Box.
Sqli
Hack The Box - Magic
Initial is by doing a SQLI to bypass login. And File Upload Vulnerability, from there we can get a shell and find user creds in SQL database. And root is by path hijack attack.
Hack The Box - Giddy
Giddy is a medium windows box, getting initial shell is by grabbing the NTLMv2 hash of SMB from SQL injection. And Privilege escalation is by vulnerability in a software called Ubiquiti UniFi Video.
Hack The Box - Jarvis
We are going to pwn Jarvis from Hack The Box.
Vulnhub - DC 9
Gobuster Scan doesn’t give anything useful.