Tag:vulnhub

Posts with the tag "vulnhub".

• Cereal 1

  September 4, 2024 | 04:55 PM
• #Vulnhub
• #Hacker
• #Easy
• #PHP

Cereal is a machine that has a vulnerability of insecure deserialization in PHP. Also, we must enumerate the machine properly. Otherwise, we might not even get the foothold

• My Expenses 1

  September 20, 2024 | 04:55 PM
• #Vulnhub
• #Hacking web
• #Medium

MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.

• Oracle Machine

  September 28, 2024 | 04:55 PM
• #Vulnhub
• #Padding Oracle
• #Easy

This VM, provided by Pentester Lab, has a website vulnerable to padding oracle attack. Our goal is to exploit this vulnerability and login as admin.

• Pluck 1

  September 21, 2024 | 05:00 PM
• #Vulnhub
• #Privilege Scalation
• #Medium

Pluck is a Boot2Root CTF Challenge and is available at Vulnhub. This challenge is for “Intermediates” and requires some good enumeration and exploitation skills to get root.

• Sickos 1

  September 23, 2024 | 05:00 PM
• #Vulnhub
• #Privilege-scalation
• #Medium

This is a Linux box that involved exploiting the PUT http method to upload a PHP script through which a reverse shell can be obtained, and then using a known vulnerability in the chkrootkit program to escalate to root.