OSCP
Here are a set of commands, utilities and attacks collected for the OSCP certification.
Cybersecurity Blog: Reports, Cheat Sheets, and Step-by-Step Write-Ups
Welcome to my cybersecurity blog, where I share detailed hacking reports, practical cheat sheets, and comprehensive step-by-step penetration testing write-ups. Whether you are a beginner or an experienced professional, you'll find valuable insights, methodologies, and tools gained from real-world labs, vulnerability assessments, and certification challenges like OSCP and more. Dive into my journey to learn and improve your skills!
Take your time to explore the reports, reviews and articles below. And if you're curious to learn more about the person behind the articles on this blog, visit my About Me page.
HackMyVM - MagiFi
MagiFi is a machine with vulnerabilities like SSTI for remote execution, credential capture via WiFi attacks, and privilege escalation using a malicious binary disguised as a PNG.
Vulnlab - Breach
This post describes a complete attack chain executed in a practice lab environment. The process began with enumerating exposed services, followed by exploiting writable SMB shares to capture NTLMv2 hashes. The credentials obtained were used to perform Kerberoasting, and the cracked service account credentials facilitated a Silver Ticket attack to gain administrative control. Each step is detailed below, highlighting the vulnerabilities and exploitation techniques.
Vulnlab - Trusted
This report outlines the exploitation and escalation of a multi-domain Active Directory environment involving two servers: labdc.lab.trusted.vl and trusteddc.trusted.vl. The attack progression includes LFI (Local File Inclusion) leading to credential disclosure on labdc.lab.trusted.vl, command injection through database manipulation, credentials extraction to lateral movement and Cross-Domain Escalation using Golden Ticket.
Vulnlab - Hybrid
This write-up outlines the exploitation and escalation of a vulnerable infrastructure consisting of two hosts mail01.hybrid.vl and DC01.hybrid.vl. Key vulnerabilities include NFS Misconfiguration leading to file access and impersonation, command injection in a RoundCube plugin, Weak certificate template permissions allowing privilege escalation via ESC1 and Kerberos credential extraction enabling further lateral movement.
Vulnlab - Bamboo
This write-up documents the process of identifying and exploiting vulnerabilities on a server hosting a Squid proxy and a vulnerable instance of PaperCut NG. Privilege escalation is achieved by leveraging weak file permissions and a misconfigured scheduled execution of a trusted binary.
Vulnlab - Baby2
This write-up details the exploitation of a Windows domain controller vulnerable to several misconfigurations, leveraging SMB access, password spraying, and GPO abuse to escalate privileges from a low-privileged user to domain administrator.
Vulnlab - Sync
This post details the exploitation of a Linux server running FTP, HTTP, Rsync, and SSH services. The attack involves leveraging the Rsync service to retrieve sensitive information, crack hashed credentials, and ultimately escalate privileges to root.
Vulnlab - Retro2
This post details the steps followed during the exploitation of a machine in a penetration testing lab. The process covers initial reconnaissance, enumeration, exploitation, and privilege escalation to achieve full control over the target system.
Vulnlab - Retro
This write-up documents the exploitation of a simulated Active Directory (AD) environment in a practice lab. The goal was to identify vulnerabilities and escalate privileges to the domain administrator level while leveraging various enumeration, exploitation, and post-exploitation techniques.