I chose the easy way out on this one. I used metasploit to exploit a Window’s SMB flaw (Eternal Blue). I don’t like Windows boxes, but hey, that’s what the workforce is using. I believe this vulnerability took over many networks including ransomware-ing hospitals all over the world (yuck!). Here’s the sidelines, Steve-Gibson-ish (grc.com, security […]
James Sudoers
This is an exploit where we found we could modify a script and echo something into it to make James apart of the sudoers file. Sorry for the pixelated image below. I kept the “hack the box” vendor anonymous.
Mantis Unauthenticated RCE
This is my early adventure into “hack the box”. Below is a screen shot of my OneNote of how I got root on the box. I am keeping the “hack the box” vendor unnamed so I’m not spoiling any secrets unless you really dig into the screenshot.