Posts

If you’re a user of TryHackMe (THM), you know how valuable it is to earn certifications for your cybersecurity skills. However, verifying those certificates can sometimes be a hassle, requiring you to navigate through multiple pages or tools to ensure their validity. That’s where the THM Certificate Validator Chrome Extension comes in handy. This lightweight and user-friendly extension allows you to quickly check the validity of your THM certificates right from your browser....

Introduction In some environments, the root user on a networked file system is treated as an unprivileged user. This is known as “root squashing.” If root squashing is disabled, an attacker who gains access to an unprivileged account on the file system may be able to escalate their privileges to root. Demonstration Attacker machine Create a directory named /tmp/mount: mkdir /tmp/mount Mount the network file system to /tmp/mount: mount -t nfs <IP>:<SHARED_FOLDER> /tmp/mount Copy the /bin/bash binary from the attacker’s system to the mounted file system:...

Introduction LFI (Local File Inclusion) is a common vulnerability found in web applications, allowing an attacker to include local files in the server. LFI Log Poisoning is a technique that leverages LFI vulnerabilities to write arbitrary content to log files on the server. By doing so, an attacker can leverage a LFI to a RCE. This is the path of a vulnerable LFI : http://127.0.0.1/index.php?page=/../../../../etc/passwd The local file can be read :...