Year of the Jellyfish @ TryHackMe
In this video, we are going to solve Jellyfish, a medium difficulty box from TryHackMe, which involves exploiting a PHP web app called Monitorr and using dirty_sock for root.
30Apr
Related Posts
27Jun
Player2 @ HackTheBox
Player2 is a 50-point Linux machine on HackTheBox. For user we do some web fuzzing, call a twirp method to... read more
14Aug
DNS Rebinding, XSS & 2FA SSH – Crossfit2 @ HackTheBox
We are solving Crossfit2, a 50-point OpenBSD machine on HackTheBox. read more
05Dec
Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more
17Apr
Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for... read more
13Jun
Monteverde @ HackTheBox
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
25Sep
SEH Based Buffer Overflow with Space Limitations – Kevin @ PG Practice
We are solving Kevin, an easy-rated Windows machine on PG Practice that involves a SEH Based Buffer Overflow. read more
10Jul
Electron-Updater RCE – Atom @ HackTheBox
We are going to solve Atom, a 30-point machine on HackTheBox where we'll analyze an electron app and exploit its... read more
03Nov
Ekoparty 2022 BFS Windows Challenge
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022. read more
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more