Year of the Jellyfish @ TryHackMe
In this video, we are going to solve Jellyfish, a medium difficulty box from TryHackMe, which involves exploiting a PHP web app called Monitorr and using dirty_sock for root.
30Apr
Related Posts
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
31Jul
JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we'll modify a JWT Token, upload a PHP-Webshell and use... read more
28Dec
InfernoCTF Weakened Keys
"Weakened Keys" was an interesting crypto challenge on InfernoCTF. read more
10Apr
APT @ HackTheBox
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the... read more
13Apr
LaCasaDePapel @ HackTheBox
LaCasaDePapel is a rather easy machine on hackthebox.eu, featuring the use of php reflection, creating and signing of client certificates... read more
15Feb
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
22Feb
Zetta @ HackTheBox
Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to... read more
29May
XSS, Deserialization & SeImpersonate – Cereal @ HackTheBox
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
04Jul
ForwardSlash @ HackTheBox
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more