Posts
All the things I've posted.
Certified Professional Penetration Tester (eCPPTv3) Review
Published: at 05:56 PMHonest eCPPTv3 review: what the exam looks like, why I failed the first attempt, how I fixed my prep with AD labs, and whether I recommend spending money on it now.
HTB • CTF • WifineticTwo • Write-Up
Published: at 09:29 AMHack The Box WifineticTwo write-up: exploit WPS with OneShot to get Wi‑Fi access, pivot into the OpenWrt router and use chisel + proxychains to reach the internal flag.
HTB • CTF • PermX • Write-Up
Published: at 06:35 PMHack The Box PermX write-up: exploit Chamilo CVE-2023-4220, pivot with MySQL creds and password reuse, then abuse a symbolic-link based ACL helper for a clean root.
HTB • CTF • BoardLight • Write-Up
Published: at 11:30 AMHack The Box CTF - BoardLight. Subdomain fuzzing, Exploiting Dolibarr 17.0.0, password reuse and suid privesc (CVE-2022-37706).