Cirilla is a Witcher-themed Telegram bot (because why not) written in Python, designed to handle a variety of IT-related tasks. I plan to incorporate some features pertaining to bug bounties in the...

First, we encounter a web server hosting a file upload, that filters for .zip archives that must contain a .pdf file. We can leverage symlinks to basically perform LFI, and read the web applicati...

This Box runs a PHP application within an IIS webserver. There is a SQLi vulnerability that allows us to create a user with a malicious name, and dump the SQL database which ends up containing cr...

We’re first met with a web application running Drupal that leaks a useful directory through the robots.txt file. The file contains a version# for the current Drupal installation that is running o...

We begin with an open NFS mount that contains a webservers source code backup. Through analysing it, we can find a CRLF Injection vulnerability, mallowing us to gain access to an admin.php endpoint...

We start off with identifying a Deserialization vulnerability within the web application, which we can exploit using ysoserial to execute arbitrary commands. This is followed by SeDebugPrivilege ab...

This is a relatively short machine, starting off with a web app that allows us to submit a github repo for the program to compile for us via Visual Studio. We can use EvilSln to exploit a vulnerabi...

We start off with exploiting a CVE in a vulnerable CraftCMS running on the target webserver. This is then followed by a series of 3 privilege escalations. The first requiring us to download a backu...

This machine starts off with LDAP anonymous bind enabled, leading to the discovery of a user with no kerberos pre-auth required. We perform an AS-REP Roast attack on the user, and are able to acces...