Secrets are meant to be secret

Month May 2020

DNS Admin Privesc in Active Directory (AD)(Windows)

While working on a pentest lab which required abusing dnsadmin privileges, I came across this post , which is really good but felt like it didn’t properly explain few things including syntax. So this post is just an extension of… Continue Reading →

How I found a Remote Code Execution in OpenEDX

How I found a Remote Code Execution in OpenEDX OpenEDX platform is really cool Learning Management System, which is also Open source (this time I was testing the Ironwood release 2.5). You can check it out here: https://open.edx.org/the-platform/ When I… Continue Reading →

TryHackMe King of the hill

1st a nmap scan root@kali:/opt/MS17-010-2012# nmap -A 10.10.148.6 Starting Nmap 7.70 ( https://nmap.org ) at 2020-05-18 03:19 EDT Stats: 0:01:03 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan Nmap scan report for 10.10.148.6 Host is up (0.028s latency)…. Continue Reading →

OpenAdmin

OpenAdmin retired today, was an easy Linux machine and was fun to root. So here’s my writeup for the same. Nmap scan gave us only two ports open. Port 22 (SSH) and 80 (HTTP) SSH seems to be latest version… Continue Reading →

© 2020 MYSTIKO — Powered by WordPress

Theme by Anders NorenUp ↑