Advent of Cyber 2024 Hello all, welcome back to the Advent of Cyber 2024. Day 1: Maybe SOC-mas music, he thought, doesn’t come from a store? Question 1: Looks like the song.mp3 file is not what ...

Pyrat Summary As decription of room. That is step by step to do this. NMAP PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.7 (U...

The London Bridge Summary Enumeration Hiden Parameter. SSRF –> local port –> gaince access. Old kernel vulnerability. Firefox_decryptor profile. NMAP PORT STAT...

Cheese CTF Summary Emumeration hidden. LFI –> PHP Filters Chain RCE –> revershell. Writeable /.ssh/authorized_key –> SSH. Systemd Timer –> xxd SUID NMAP Too ...

mKingdom Summary Weak credentials in the admin portal. Hidden Creds in the backup file and environment. NMAP PORT STATE SERVICE REASON VERSION 85/tcp open http syn-ack Ap...

Airplane Summary LFI on the homepage. App is running on port 6048 –> Exploit get revershell. Priv with SUID. NMAP PORT STATE SERVICE REASON VERSION 22/tcp open s...

Creative Summary ‘beta’ subdomain SSRF –> LFI LPE with LD_Preload NMAP Nmap scan report for creative.thm (10.10.204.200) Host is up (0.40s latency). Not shown: 998 filter...

CyberLens Summary Port 61777 open ==> Apache Tika 1.17 Server ==> CVE-2018-1335 Use Metasploit exploit user Use PrivescCheck.ps1, check Windows Privilege Escalation Alwa...

Hack Smarter Security Summary Port 1311 open ==> DellEMC version 9.4.0.2 ==> CVE-2020-5377 Use creds login SSH Login SSH, check Privilege Escalation AV is running ==>...

Jupiter NMAP PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 256 ac:5b:be:79:2d:c9:7a:00:ed:9a:e...