ssanjua's

This VM, provided by Pentester Lab, has a website vulnerable to padding oracle attack. Our goal is to exploit this vulnerability and login as admin.

This is a Linux box that involved exploiting the PUT http method to upload a PHP script through which a reverse shell can be obtained, and then using a known vulnerability in the chkrootkit program to escalate to root.

Pluck is a Boot2Root CTF Challenge and is available at Vulnhub. This challenge is for “Intermediates” and requires some good enumeration and exploitation skills to get root.

MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.

Cereal is a machine that has a vulnerability of insecure deserialization in PHP. Also, we must enumerate the machine properly. Otherwise, we might not even get the foothold

This VM, provided by Pentester Lab, has a website vulnerable to padding oracle attack. Our goal is to exploit this vulnerability and login as admin.

This is a Linux box that involved exploiting the PUT http method to upload a PHP script through which a reverse shell can be obtained, and then using a known vulnerability in the chkrootkit program to escalate to root.

Pluck is a Boot2Root CTF Challenge and is available at Vulnhub. This challenge is for “Intermediates” and requires some good enumeration and exploitation skills to get root.

MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.