In this Walkthrough, we will be hacking the machine Cascade from HackTheBox. To begin, we will quickly find that we are able to dump information from LDAP using an anonymous session. During our LDAP enumeration, we will create a list…
In this post, we will go over various techniques that allow us to perform file transfers from our attacker machine onto a victim Linux host (download), as well as from a victim Linux host back onto our attacker machine (upload).…
In this post, we will be continuing with Part-2 on how to escalate privileges by abusing the sudo binary / privilege. If you have not checked out Part-1 yet, I strongly suggest starting there before reading this post. In Part-2, we will shift our…
For this two-part post on Linux Privilege Escalation techniques, we will be deep-diving into the various ways to exploit the sudo binary / privilege. This post ended up being longer than I had originally anticipated, so I had to split…
In this post, we will explore how an attacker can escalate privileges from a standard user to root by exploiting the Fail2Ban service. We will begin by learning what Fail2Ban is, how it works, and which configuration files are important…
In this post, we will be continuing with the second part of the two-part post on escalating privileges by abusing SUID and SGID permissions. If you have not checked out Part-1 yet, I strongly suggest starting there before reading this…