Search for a command to run...
Articles tagged with #cve
Info: Introduction and Deploy In March 2022, a researcher named Max Kellerman publicly disclosed a Linux Kernel vulnerability (nicknamed "Dirty Pipe" for its similarities to the notorious "Dirty Cow" exploit affecting older versions of the kernel) th...
OverlayFS is a lightweight Linux kernel feature that merges multiple directories into a single unified filesystem. It’s widely used for live systems, containers, and setups that want a read-only root filesystem with a writable layer on top. While tha...
In late March 2022 the security community was alerted to remote code execution flaws affecting the Spring Framework. One of the issues—now commonly referred to as Spring4Shell (CVE-2022-22965)—impacts parts of Spring Core and, under a specific set of...
In this walkthrough, we’ll explore the “Root It” box on TryHackMe, a beginner-friendly but insightful machine created by DarkStar7471 and built by Paradox. The machine is based on a vulnerable version of Fuel CMS (v1.4.1), which contains a known Remo...
In this TryHackMe challenge, we’re tasked with compromising a Linux machine by gaining low-privileged access, escalating privileges, and collecting two flags: user.txt and root.txt. The target system runs Apache Tomcat and has a known vulnerability c...
In this walkthrough, we exploit a vulnerable machine titled Lazy Admin on TryHackMe. The target is running a SweetRice CMS instance with known vulnerabilities. Our objectives are to gain user-level access and ultimately escalate privileges to retriev...
