https://miisterc.github.io/blog,sc17,cybersecurity,infosec,security,student,github 2025-10-12T07:18:41+00:00 Sc17 https://miisterc.github.io/ Jekyll © 2025 Sc17 /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png 2025-10-12T04:00:00+00:00 2025-10-12T04:00:00+00:00 https://miisterc.github.io/posts/Snare/ Sc17

Snare was a easy level box , where we leveraged a RFI to get a foothold in the system then after enumeration we found out , we had write access on a critical system file m by overwriting it , we got to root. Initial Enumeration. Nmap Result. $ nmap -vvv -p 22,80 -4 -sV -oN nmap 10.150.150.18 PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubun...

2025-10-05T04:00:00+00:00 2025-10-05T04:00:00+00:00 https://miisterc.github.io/posts/SilentDev/ Sc17

SilentDev was a very simple Linux Box , where we got initial foothold by leveraging a file upload vulnerability as www-data user , then we performed a lateral movement to developer user by exploiting a wildcard injection in a cronjob, then we move again to alfonso user by exploiting a injection vulnerability in a custom bash script that can be run by developer and land a shell as alfonso user ,...