Cron Jobs – Linux Privilege Escalation

In this post, we will be deep diving into cron jobs and how they can be exploited to escalate our privileges from a standard user to root. We will start by learning what cron jobs are and how they work.…
In this post, we will be deep diving into cron jobs and how they can be exploited to escalate our privileges from a standard user to root. We will start by learning what cron jobs are and how they work.…
For this post, we will explore escalating privileges on a target Linux host by using Docker breakout techniques. We will review three different docker breakout scenarios. In each scenario, we will see a different technique that can be leveraged to…
In this post, we will be exploring manual enumeration techniques that can be used to get a “lay of the land” on a target host once a foothold has been established. Manual enumeration is an important skill to possess as…
In this Walkthrough, we will be hacking the machine Monteverde from HackTheBox. To begin, we will preform domain specific enumeration, which leads to the discovery that we can dump a lot of information about the DC over LDAP with an…
In this Walkthrough, we will be hacking the machine Sauna from HackTheBox. We will start with some domain specific enumeration with no credentials, hunting for anonymous access. An anonymous LDAP search will reveal our first user ‘hsmith’. Unable to AS-REP…
In this Walkthrough, we will be hacking the machine Forest from HackTheBox. We will start with some domain specific enumeration with no credentials, hunting for anonymous access. From there, we will find a quick win as we look for an…
In this Walkthrough, we will be hacking the machine Active from HackTheBox. To begin, we will enumerate the SMB shares and find two custom shares named Users and Replication. Inside the Replication share, we will find the Groups.xml file, which…
In this Walkthrough, we will be hacking the machine Chatterbox from HackTheBox. We’ll begin by finding a few interesting ports open, most notably 9255 and 9256. After running multiple nmap scans, we’ll find that the service running on these ports…
In this Walkthrough, we will be hacking the machine Bastion from HackTheBox. We will begin by finding a few interesting ports open including 22 (SSH), 445, (SMB), and 5985 (WinRM). From there, we will start the enumeration phase by successfully…