Shocker:shellshock (Apache mod_cgi)
Explore
Explore: android, ES File Explorer (CVE-2019–6447), ssh port forwarding
Static
Static
Monitor
Spritz javaScript SDK version 1.2.2
Cacti SQLi vuln
HackTheBox Beginner’s Guide
HackTheBox Beginner’s Guide
Unobtainium
Unobtainium
https://github.com/electron
https://www.electronjs.org/
Spectra
Spectra- wordpress
wp_admin_shell_upload
Toxic
Humanity has exploited our allies, the dart frogs, for far too long, take back the freedom of our lovely poisonous friends. Malicious input is out of the question when dart frogs meet industrialisation. 🐸
Oopsie
Session hijack with burpsuite to get reverse shell uploaded. setuid used to run cat=/bin/sh in /tmp