Afi SV’s Post

Did you know with Sentry's event fingerprinting you can group errors with greater granularity? If your quering an API service the stack trace is generally the same even if the outgoing request is very different Add it to your Sentry.init beforeSend function.

Found this to be a little challenging on the privilege escalation side. Overall, really liked this box - Gaining a foothold is practically given to you - it compensates for the "easiness" by 1) Finding the exploit for privilege escalation 2) How to actually leverage the exploit 3) Getting onto the target machine. Important lesson: Don't be careless with how you setup FTP on your system ;)

After gaining access to the Domain Controller, let's dump the hashes using the secretsdump tool.

The Foldhold exploit used CRLF injection, a technique that inserts carriage return (CR) and line feed (LF) characters into user-supplied input. This tricks the server, application, or user into interpreting the injected sequence as the end of one response and the beginning of another. Finally, I used `sudo -l` to list the allowed (and forbidden) commands for the invoking user, which can be used for further privilege escalation.

🚨 It's time to update your ProjectDiscovery Nuclei CLI/SDK. This release brings: - A new -dast flag to run DAST Templates (previously known as Fuzzing). - A pre-condition field for the code protocol and DAST Templates. - Fixes for multiple crashes/panics. - Fixes for multiple issues related to query parameter DAST (fuzzing) templates. - Multiple bug fixes in OAST, matcher-status, and much more. Check out https://lnkd.in/dms_5Tvf for more release details and other important changes.

🫠 Tricky machine to get a foothold on because I am not quite used to inspecting traffic with Wireshark but eventually got there! 👾 Also make use of a IDOR vulnerability to download the right .pcap file. After that simply run linpeas for privilege escalation. It will highlight what you need to do.

A very easy box, but a fun exercise to exploit the infamous SMB hack that allowed WannaCry to storm the world. There are several ways to go about this hack. I spent some time crafting a msfvenom payload and then trying a .py exploit, but I kept getting line errors in unexpected places. At the end of the the day, msfconsole is one heck of an easy tool as a backup. This a great beginner box in my opinion, a great toe in the water for smbclient usage, nmap, msfconsole, and meterpreter.

NMAP > RCE Exploit > Shell > User Flag > NC > more stable/interactive shell > Discover CloudMe > Chisel > create payload with MSFVenom > update BOF exploit with payload > run BOF exploit > root shell > root flag!

Join Butch Mayhew, Head of Quality & Reliability at Tilled on Wednesday, April 3rd at 12:00 CDT to learn more about debugging errors faster while protecting user privacy with Session Replay with Sentry (sentry.io)!

Did you know that you can easily redirect to a proxied API using fallback mode if no rule matches?  Additionally, by combining fallback mode with wildcard paths, you can create "guard" routes that apply the same rules to all your mock API endpoints. Learn more in our tutorial: https://lnkd.in/eFmWS4KH