A brief overview of AD CS Abuses ESC1 and ESC8

TL;DR Data is an EASY rated machine on VulnLab. This machine involves abusing an unauthenticated path traversal/file read vulnerability in a Grafana instance to get access to a database file and r...

TL;DR Retro is an EASY rated machine on VulnLab. This machine involves abusing a flaw with pre-created computer accounts to change a password and take over control of the account. From there, abus...

TL;DR Baby is an EASY difficulty machine on VulnLab. This machine involved performing LDAP enumeration to identify valid domain users and locate a plaintext password in one of the user description...

TL;DR Manage is an EASY machine on VulnLab. This box involved abusing a Java JMX service to get command execution on the server. Once on the server, we find a backup archive that contains files fr...

TL;DR Breach is a MEDIUM difficulty machine on VulnLab. This machine involved abusing anonymous access to an SMB share to upload a URL link file to a specific directory to induce an authentication...

Summary Kenobi is an EASY room on TryHackMe that involves accessing an open Samba share, and then abusing a vulnerable version of ProFtpd to get a foothold on the machine, and then abusing a SUID ...

Summary Include is a MEDIUM difficulty room on TryHackMe that involves abusing a logic flaw to get access to an admin panel, leveraging an internal API to obtain credentials for another service vi...

Easy rated Windows machine created by xct & kozie

Summary Annie is a medium difficulty Linux box on TryHackMe. This machine involved compromising a vulnerable AnyDesk installation and then abusing an uncommon SetUID binary to elevate privileges t...