CVE-2023–4506 & CVE-2023–4505: LDAP passback on miniOrange pluginsHow I found two LDAP passback vulnerabilities on miniorange LDAP plugins.Sep 15, 20232Sep 15, 20232
CVE-2023–3251: SMTP Pass Back on Tenable NessusHow I discovered an SMTP passback vulnerability on Tenable Nessus Server.Sep 14, 2023Sep 14, 2023
Published inInfoSec Write-upsLDAP PassBack Attacks, the docker wayTL DR: Automatizing the deploy of ldap server to realise LDAP pass back attacks.Jan 16, 20231Jan 16, 20231
Published inCodeXTryHackMe: LazyAdminLazyAdmin is a machine of easy TryHackMe platform, in it, we will exploit a vulnerability of arbitrary upload of files andDec 18, 20221Dec 18, 20221
Published inCodeXTryhackme: OverpassOverpass is an easy TryHackMe machine in which we will exploit a broken authentication bug. Later, we will escalate privileges by a cron…Dec 17, 2022Dec 17, 2022
Published inInfoSec Write-upsTryhackme: Simple CTFSimple CTF is an easy machine from TryHackMe. On it, we will exploit a SQL injection in a CMS and use vim to elevate privileges.Dec 15, 2022Dec 15, 2022
Published inCodeXTryHackMe: RootMeRootme is an easy TryHackMe machine in which we will bypass a file upload filter and exploit a SUID to elevate privileges on the system.Dec 14, 202251Dec 14, 202251
Published inCodeXTryhackme: Pickle RickPickle Rick is a TryHackMe easy machine in which we have to enumerate a web service and exploit a command execution to get a shell.Dec 13, 202211Dec 13, 202211
Published inCodeXTryHackMe: BebopBebop is an easy machine from TryHackMe that emulates a drone.Nov 30, 2022Nov 30, 2022
