This series of write-up's are mainly aimed on boot2root boxes on Hackthebox and Vulnhub. I will also add Binary exploitation and Reversing as I explore these avenues deeper.
There are a ton of write-up's out there already, but documenting these is a crucial step in my learning process as it forces me to iterate through it all one more time.
"Repetitio est mater studiorum" - Repetition is the mother of all learning.
- PicoCTF 2018 - got-2-learn-libc (Stack Buffer Overflow)
- Overthewire - narnia1 (Stack Buffer Overflow)
- Overthewire - narnia0 (Stack Buffer Overflow)
- Vulnserver "TRUN" command buffer overflow
- Vulnserver "KSTET" command Egghunter
- Vulnserver "GMON" command SEH overflow
- Reversing and Exploiting Protostar Stack challenges
| Completed Box | Exploiting |
|---|---|
| Active | #GPP Passwords, #Kerberoast |
| Bank | #File upload bypass, #dns, #suid, #File permissions |
| Bashed | #sudo misconfig |
| Bastard | #Drupal, #Empire, #sherlock, #MS15-051 |
| Beep | #sip, #lfi, #Elastix RCE |
| Blocky | #wordpress, #java, #sudo |
| Blue | #Eternal Blue |
| Bounty | #iis, #Empire, #MS10-092 |
| Celestial | #Node js, #cron |
| Dev0ops | #xxe, #Git |
| Devel | #ftp, MS14-058 |
| Grandpa | #ExplodingCan, #MS14-070 |
| Jerry | #Tomcat |
| Lame | #Samba, #distcc, #suid |
| Legacy | #MS08-067 |
| Mirai | #Pi, #sudo |
| Nibbles | #nibbleblog, #sudo |
| Optimum | #rejetto, #MS16-032 |
| Poison | #lfi, #Log poisoning, #phpinfo, #vnc |
| Popcorn | #lfi, #pam |
| Sense | #pfsense |
| Shocker | #shellshock |
| Tenten | #wordpress, #stego, #sudo |
| Valentine | #heartbleed, #tmux |