Posts
All the articles I've posted.
WriteUp Zerotrace - Vulnyx
Published:Writeup describing the resolution of the Zerotrace machine created by suraxddq for the Vulnyx platform. It is the first writeup on my blog that does not belong to a machine created by me.
WriteUp Token Of Hate - TheHackersLabs
Published:Resolution of a TheHackersLabs CTF, involving enumeration, stored XSS exploitation via Unicode, cookie hijacking, LFI and SSRF attacks, JWT manipulation for RCE, and privilege escalation via capabilities on Linux.
WriteUp Token Of Love - TheHackersLabs
Published:Writeup narrating the exploitation in "Token Of Love," where a hidden clue in IPFS is deciphered to obtain the private key and manipulate the JWT. Vulnerabilities in Node.js are exploited to achieve RCE, and by using sudo with tee and a vulnerability in rsync wildcards, privilege escalation to root is achieved.
WriteUp Matrix - Vulnyx
Published:This writeup documents the exploitation of a vulnerable machine inspired by Matrix, using traffic analysis, PHP injection, and privilege escalation with rsync to gain root access.