Home • Vulndev

16JanJanuary 16, 2022

Protected: Lab – Rainbow Walkthrough

There is no excerpt because this is a protected post.

By xctCTF, Vulnlabbinary exploitation, vulnlab, windows

15JanJanuary 15, 2022

XSS, Tab Nabbing & Rust Reversing – Developer @ HackTheBox

We are going to solve Developer, a pretty hard Linux machine on HackTheBox. It involves Cross-Site-Scripting, Tab Nabbing & reversing a rust binary.

By xctCTFreversing, rust, sentry, tab nabbing, xss

08JanJanuary 8, 2022

About Kerberos Silver Tickets

I always had difficulties understanding what Silver Tickets are and how they are used. Maybe this comes from the fact that they are rarely seen in labs. They can be really powerful though, so I'll be trying my best to describe my understanding of them in this post.

By xctWindows Internalsactive directory, silver ticket

08JanJanuary 8, 2022

Command Injection & Path Hijacking – Previse @ HackTheBox

We are solving Previse, an easy linux machine on HackTheBox that involves a Command Injection & Path Hijacking.

By xctCTFcommand injection, hackthebox, linux, path hijacking

27DecDecember 27, 2021

Protected: Lab – Lustrous Walkthrough

There is no excerpt because this is a protected post.

By xctCTF, Vulnlabactive directory, vulnlab

11DecDecember 11, 2021

Lab – Exploiting Log4Shell (CVE-2021-44228)

On December 10th 2021 the Log4Shell vulnerability, a "0-day" exploit in log4j2 appeared on Twitter. In this post, we will explore how to exploit it with LDAP in a lab environment.

By xctVulnlabcve, java, lab, vulnlab