Charles Quaye

Charles Quaye

CISSP eJPT PenTest+

Posts by Tag

linux

Brainpan - Vulnhub

12 minute read

Brainpan is a linux box running a windows binary on a specific port. The binary is vulnerable to buffer overflow attack and this was leveraged to gain access...

Postman - Hack The Box

9 minute read

Postman was an easy straight forward box. It had realistic vulnerabilities which had CVEs about them. I had to write my ssh public keys into a redis user aut...

Back to top ↑

Active Directory

Cicada - Hack The Box

14 minute read

Cicada is a Windows AD box which required enumerating SMB shares multiple times with different users revealing different shares, leading to some juicy inform...

Active - Hack The Box

8 minute read

Active is an easy Windows machine, which features two very prevalent techniques to gain privileges within an Active Directory environment

Back to top ↑

redis

Postman - Hack The Box

9 minute read

Postman was an easy straight forward box. It had realistic vulnerabilities which had CVEs about them. I had to write my ssh public keys into a redis user aut...

Back to top ↑

CVE

Postman - Hack The Box

9 minute read

Postman was an easy straight forward box. It had realistic vulnerabilities which had CVEs about them. I had to write my ssh public keys into a redis user aut...

Back to top ↑

webmin

Postman - Hack The Box

9 minute read

Postman was an easy straight forward box. It had realistic vulnerabilities which had CVEs about them. I had to write my ssh public keys into a redis user aut...

Back to top ↑

rce

Postman - Hack The Box

9 minute read

Postman was an easy straight forward box. It had realistic vulnerabilities which had CVEs about them. I had to write my ssh public keys into a redis user aut...

Back to top ↑

irc

Back to top ↑

kernel exploits

Back to top ↑

docker

Back to top ↑

nostromo

Traverxec - Hack The Box

7 minute read

Traverxec is an easy box that start with a custom vulnerable webserver with an unauthenticated RCE that we exploit to land an initial shell. After pivoting t...

Back to top ↑

journalctl

Traverxec - Hack The Box

7 minute read

Traverxec is an easy box that start with a custom vulnerable webserver with an unauthenticated RCE that we exploit to land an initial shell. After pivoting t...

Back to top ↑

gtfobins

Traverxec - Hack The Box

7 minute read

Traverxec is an easy box that start with a custom vulnerable webserver with an unauthenticated RCE that we exploit to land an initial shell. After pivoting t...

Back to top ↑

buffer overflow

Brainpan - Vulnhub

12 minute read

Brainpan is a linux box running a windows binary on a specific port. The binary is vulnerable to buffer overflow attack and this was leveraged to gain access...

Back to top ↑

sudo

Brainpan - Vulnhub

12 minute read

Brainpan is a linux box running a windows binary on a specific port. The binary is vulnerable to buffer overflow attack and this was leveraged to gain access...

Back to top ↑

Kerberoasting

Active - Hack The Box

8 minute read

Active is an easy Windows machine, which features two very prevalent techniques to gain privileges within an Active Directory environment

Back to top ↑

GPO

Active - Hack The Box

8 minute read

Active is an easy Windows machine, which features two very prevalent techniques to gain privileges within an Active Directory environment

Back to top ↑

SMB

Cicada - Hack The Box

14 minute read

Cicada is a Windows AD box which required enumerating SMB shares multiple times with different users revealing different shares, leading to some juicy inform...

Back to top ↑

LDAP

Cicada - Hack The Box

14 minute read

Cicada is a Windows AD box which required enumerating SMB shares multiple times with different users revealing different shares, leading to some juicy inform...

Back to top ↑

SeBackupPrivilege

Cicada - Hack The Box

14 minute read

Cicada is a Windows AD box which required enumerating SMB shares multiple times with different users revealing different shares, leading to some juicy inform...

Back to top ↑