Rated-Null - R:Null's hacky things (Page 2)

HTB - Cap Write-up

3 years ago 3 min read hackthebox easy writeup capabilities python

Rated Easy from HackTheBox, created by InfoSecJack. We learn about keeping sensitive information on webservers and dangers of Python's SETUID Capabilities.

HTB - Schooled Write-up

3 years ago 10 min read hackthebox medium writeup cve moodle xss session pkg gtfobins

Vulnerabilities/bad configurations exploited 1. XSS in Moodle LMS to steal Teacher session. 2. Moodle LMS privilege escalation from Teacher role to Manager role (CVE-2020-14321). 3. Weak password/password re-use 4. User sudo

HTB - Knife Write-up

3 years ago 4 min read hackthebox easy php knife ruby writeup

Rated Easy by HackTheBox, created by MrKN16H. Through this machine, we learn about a vulnerability in PHP 8.1.0-dev, the importance of managing user privileges and securing sudoers.

DEF CON 29 Red Team Village Capture the Flag (CTF) - Part 2

3 years ago 5 min read ctf def con 29 rtv stego steganography minesweeper javascript network forensics osint writeup

My friends and I gathered to participate in an online CTF hosted by RedTeamVillage during DEF CON 29. And this is my writeup for the event.

Conti Ransomware affiliate leaks gang Playbook

3 years ago 6 min read leak ransomware thoughts

On 5 August 2021, a user leaked an archive of the Conti ransomware gang's manual and technical guides in a hacking forum.