Nibbles is a very straightforward box on Proving Grounds. It is in the "Get To Work" category because it requires two steps to root, however it really is simple enough to be part of the "Warm Up" category and is a great box for beginners looking to practice privilege escalation. Enumeration I started with AutoRecon … Continue reading Proving Grounds: Nibbles write-up
Fail is an intermediate box from Proving Grounds, the first box in the "Get To Work" category that I am doing a write-up on. Despite being an intermediate box it was relatively easy to exploit due with the help of a couple of online resources. Getting root access to the box requires exploitation of rsync … Continue reading Proving Grounds: Fail write-up
Kevin is an easy box from Proving Grounds that exploits a buffer overflow vulnerability in HP Power Manager to gain root in one step.
Algernon is an easy box from Proving Grounds that requires only a one step exploit to root with a pre-compiled script. Enumeration An nmap scan reveals 7 ports open. nmap output Port 9998 Browsing to port 9998 in a browser reveals a landing page with a login form for a system called "SmarterMail". SmarterMail on … Continue reading Proving Grounds: Algernon write-up
Wombo is an easy Linux box from Proving Grounds that requires exploitation of a Redis RCE vulnerability. There is no privilege escalation required as root is obtained in the foothold step. Enumeration Nmap shows 6 open ports. nmap using AutoRecon Port 6379 Nmap tells us that port 6379 is running Redis 5.0.9. A quick Google … Continue reading Proving Grounds: Wombo write-up
Slort is an intermediate Windows box from Proving Grounds. Being an intermediate box it has a two step process to obtain root, but it is still relatively straightforward and a good box to practice some fundamental skills Enumeration Nmap showed 7 open ports. There are things to explore on each of the ports, but 8080 … Continue reading Proving Grounds: Slort write-up
Twiggy was another easy box from Proving Grounds. If you've read the write-up on Bratarina then Twiggy follows a very similar methodology; by which I mean it's one step to root by executing a pre-compiled exploit on an unusual port. Enumeration As always we start with AutoRecon and check out the nmap. _quick_nmap Looks like … Continue reading Proving Grounds: Twiggy write-up
Bratarina Bratarina from Offensive Security's Proving Grounds is a very easy box to hack as there is no privilege escalation and root access is obtained with just one command using a premade exploit. The hardest part is finding the correct exploit as there are a few rabbit holes to avoid. Enumeration The first step always … Continue reading Proving Grounds: Bratarina write-up