Intigriti Challenge 1025
Shopfix is a website that helps us render images from a URL, but… could that be the only thing it lets us do? Discover the solution(s) to this fun October challenge.
Recent Posts
Tenet - HackTheBox (OSCP STYLE)
During the process of resolving Tenet, I faced several challenges, since I worked as an Application Tester I could easy indefy a vulnerability in a backup code, also inside the machine I achieve the privilege escalation through a race condition, this machine is perfect for Developers that want to make their code more secure.
Topology - HackTheBox (OSCP STYLE)
During the process of resolving Topology, I faced several challenges, such as identifying a latex injection and .htpasswd that is a flat-file used to store usernames and password for basic authentication on an Apache HTTP Server.. To overcome these obstacles, I employed a methodology based on the OSCP.
GateKeeper - TryHackMe (OSCP STYLE)
Can you get past the gate and through the fire?
This machine from the buffer overflow group presents us with two challenges: discovering a buffer overflow in an application and escalating privileges. The only hint I’m going to give you is that enumeration and lateral thinking are important.
Buffer Overflow Prep (OSCP STYLE)
Even though buffer overflow is no longer included in the OSCP certification, I believe it is still a very interesting technique that everyone should be familiar with. That’s why in this write-up, we will explain how to perform one manually.
BrainStorm - TryHackMe (OSCP STYLE)
Reverse engineer a chat program and write a script to exploit a Windows machine, this is the introduction that TryHackme gives to Brainstorm machine, flagged as Medium difficulty, now continuing with the OSCP methodology we’ll pwn it throgh manual actions.
Relevant - TryHackMe (OSCP STYLE)
You have been assigned to a client that wants a penetration test conducted on an e nvironment due to be released to production in seven days.
With this introduction, TryHackMe proposes us the following challenge, basically they ask us to perform a black box pentest simulating that we are going to test the security of an application that will go into production in 7 days
OverPass 2 - TryHackMe (OSCP STYLE)
In this challenge, we put ourselves in the shoes of a cybersecurity analyst to investigate an attack on our network. By analyzing a Wireshark packet capture, we will discover how the attackers gained access, and the most interesting part…we’ll hack them back.
DailyBugle - TryHackMe (OSCP STYLE)
Welcome to DailyBugle CTF machine! This challenge involves exploiting a vulnerable version of Joomla, plaintext passwords, and an escalation of privileges through yum. Your objective is to gain access to the system by identifying and exploiting these vulnerabilities.
Skynet - TryHackMe (OSCP STYLE)
In this post, I will be explaining the resolution of a CTF machine that features vulnerabilities such as visible shared resources and cron tasks with administrator permissions. CTF machines are designed to simulate real-world cybersecurity challenges, and in this case, we will be exploring the steps to overcome the security measures of this particular machine. By understanding the techniques used to exploit these vulnerabilities, we can gain valuable insights into the importance of proper security measures and the risks associated with failing to implement them