Shinra & Wutai Videos
I'm linking the playlists for both labs here to avoid single posts for every video. Check out https://vulnlab.com if you want to try them out!
05May
19Jan
Lab – Baby Walkthrough
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup & SeRestore Privileges.
16Jan
Lab – Rainbow Walkthrough
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root.
27Dec
Lab – Lustrous Walkthrough
This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab.
11Dec
Lab – Exploiting Log4Shell (CVE-2021-44228)
On December 10th 2021 the Log4Shell vulnerability, a "0-day" exploit in log4j2 appeared on Twitter. In this post, we will explore how to exploit it with LDAP in a lab environment.