Posts
All the articles I've posted.
WriteUp Sandwich - Vulnyx
Published:This writeup describes the exploitation and escalation of the Sandwich machine on the Vulnyx platform, where you can practice the sandwich technique on a password recovery form that generates UUIDs vulnerable to this technique.
WriteUp Zerotrace - Vulnyx
Published:Writeup describing the resolution of the Zerotrace machine created by suraxddq for the Vulnyx platform. It is the first writeup on my blog that does not belong to a machine created by me.
WriteUp Token Of Hate - TheHackersLabs
Published:Resolution of a TheHackersLabs CTF, involving enumeration, stored XSS exploitation via Unicode, cookie hijacking, LFI and SSRF attacks, JWT manipulation for RCE, and privilege escalation via capabilities on Linux.
WriteUp Token Of Love - TheHackersLabs
Published:Writeup narrating the exploitation in "Token Of Love," where a hidden clue in IPFS is deciphered to obtain the private key and manipulate the JWT. Vulnerabilities in Node.js are exploited to achieve RCE, and by using sudo with tee and a vulnerability in rsync wildcards, privilege escalation to root is achieved.