Skip to content

LZMK

PG_Machines

PG_Machines¶

Aug 24, 2021
in OSCP_Prep, Boot2Root, PG_Machines
2 min read

PG - Twiggy | Walkthrough

TLDR

exploit a pre-auth RCE vulnerability on a SaltStack master

Jun 22, 2021
in PG_Machines, Boot2Root, OSCP_Prep
3 min read

PG - SURF | Walkthrough

TLDR

Bypass Auth -> SSRF -> RCE
Exploit misconfigured sudo privilege to root

Jun 19, 2021
in PG_Machines
3 min read

PG - Pebbles Walkthrough

Alt text

TLDR

Fuzz directory to find application which is vulnerable to SQLi
Exploit the vulnerable application using SQLMap to get shell

Jun 10, 2021
in PG_Machines, Boot2Root, OSCP_Prep
2 min read

PG - Bratarina Walkthrough

bratarina info

TLDR

Exploit OpenSMTP Vulnerability to get the RCE as root.

Jun 10, 2021
in OSCP_Prep, Boot2Root, PG_Machines
6 min read

PG - Exfiltrated Walkthrough

exfiltrated-info

TLDR

Use Nmap to get the list of services running on the target.
On web app use default credentials to login.
Exploit CMS which is vulnerable to authenticated RCE.
Exploit Cronjob to escalate privilege to root.