The Eternal Blue Exploit | HackTheBox Blue | Beginner Track
In this post, we covered the eternal blue exploit as part of HackTheBox Beginner Track. Machine Name : HackTheBox…
CVE
Exploiting Microsoft Windows Active Directory Certificate Service | CVE-2022-26923
Introduction We covered the recent vulnerability CVE-2022-26923 that affected Microsoft Windows Active Directory Certificate Service which allowed for local…
Understanding PrintNightmare Vulnerability | (CVE-2021-1675) and (CVE-2021-34527)
Introduction Per Microsoft, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege escalation using…
JSON Deserialization Vulnerability – HackTheBox Time – CVE-2019-12384 Jackson RCE
Premise In this video walkthrough, we covered a vulnerability in Jackson library that uses JSON Deserialization and used ‘Time‘…
How to test if your exchange server is compromised and vulnerable
Premise In this post, I will briefly talk about testing your on-premises Microsoft exchange server is vulnerable to CVE-2021-26855,…