Summary This box includes a unique way of enumerating a machine through an LFI by fuzzing for a specific PID that spawned a service on port 1337. At least I hadn’t seen it before trying it. The pri...

Summary This box focuses on exploiting the drupalgeddon vulnerability to achieve a web-shell. After this some database enumeration is required to obtain ssh credentials. After this, snap is used to...

Summary This box is centered around exploiting a misconfigured HP JetDirect printer via snmp. It also covers port forwarding an exploiting the CUPS service, which is a modular printing service for ...