[roothackinwithpj131 ~]$

Latest Write-ups

proving-grounds linux flatpress rce webshell sudo apt-get gtfobins

Proving Grounds - Press

Box Overview Press is a Linux machine from Offensive Security’s Proving Grounds featuring exploitation of FlatPress CMS and privilege escalation through apt-get sudo misconfiguration. Enumeration Nmap Scan sudo nmap -sS -sC -A 192.168.227.29 -T4 -oN first.scan -p- Open Ports: 22/tcp - SSH (OpenSSH 8.4p1 Debian) 80/tcp - HTTP (Apache 2.4.56) - “Lugx Gaming Shop HTML5 Template” 8089/tcp - HTTP (Apache 2.4.56) - FlatPress fp-1.2.1 ✅ Service Identification Port 8089 is running FlatPress - a flat-file blogging engine (no database required).

Read more ?
proving-grounds windows squid-proxy phpmyadmin webshell fullpowers printspoofer seimpersonate

Proving Grounds - Squid

Box Overview Squid is a Windows machine from Offensive Security’s Proving Grounds featuring Squid proxy enumeration, PHPMyAdmin exploitation, and privilege escalation through SeImpersonate token abuse using FullPowers and PrintSpoofer. Enumeration Nmap Scan sudo nmap -sS -sC -A 192.168.229.189 -T4 -oN first.scan -p- Open Ports: 135/tcp - Microsoft Windows RPC 139/tcp - NetBIOS-SSN 445/tcp - SMB 3128/tcp - Squid HTTP Proxy 4.14 ✅ 49666-49667/tcp - Microsoft Windows RPC Squid Proxy Enumeration Port 3128 is running Squid Proxy - a caching and forwarding HTTP proxy.

Read more ?