write-ups

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating SMB user enumeration, weak password reuse, writable logon script abuse, and GPO-based privilege escalation.

Active Directory machine demonstrating anonymous LDAP enumeration, password reset abuse, SeRestorePrivilege execution, and manual NTDS extraction.

Windows machine demonstrating anonymous FTP exposure, credential recovery from MDB and PST files, Telnet access, and stored credential abuse.

Windows machine demonstrating unauthenticated file upload leading to CloudMe buffer overflow exploitation and administrator access.

Linux machine demonstrating exposed PHP web shell access, sudo-based lateral movement, and cron-driven privilege escalation.

Windows machine demonstrating Adobe ColdFusion remote code execution and kernel-based privilege escalation to SYSTEM.

Windows machine demonstrating IIS upload bypass with web.config abuse and kernel exploit privilege escalation.

Linux machine demonstrating Jenkins CLI arbitrary file read, Jenkins user hash extraction, credential cracking, and SSH key abuse for root access.

Linux machine demonstrating vhost discovery, Dolibarr authenticated RCE, credential disclosure, and Enlightenment SUID privilege escalation.