CTF write-ups
Hack The Box, Proving Grounds, TryHackMe, and other CTF-style walkthroughs.
PG • CTF • Internal • Write-Up
Published: at 12:36 PMProving Grounds Internal write-up: very old Windows Server 2008 box where we find SMBv2 CVE-2009-3103 with nmap and use Metasploit to pop a SYSTEM meterpreter.
PG • CTF • Jacko • Write-Up
Published: at 12:36 PMProving Grounds CTF - Jacko. H2 database misconfiguration, RCE, and DLL hijacking in PaperStream IP.
PG • CTF • Vault • Write-Up
Published: at 12:36 PMProving Grounds Vault write-up: drop a malicious URL/SCF file into a writable SMB share, capture a domain user hash, get a WinRM shell and abuse SeRestorePrivilege with Utilman.
HTB • CTF • Administrator • Write-Up
Updated: at 10:46 AMHack The Box CTF - Administrator. Bloodhound Enumeration, Abusing GenericAll, ForceChangePassword, GenericWrite, DCSync, and Decrypting pwsafe