Introduction The initial access was very straight forward but was stil fun, It made use of a rather recent publicly known vulnerability. The privesc part required some out of the box thinking bu...

Introduction The initial access took some trial and error to get through but was a very good practice for thinking outside the box regarding cross-site scripting. You don’t always want to steal ...

Introduction The initial access was quite straight foreward, However it was a good reminder to test every input field thoroughly to ensure that there are no injection vulnerabilities present. T...

Introduction Iclean was an interesting machine the initial access was quite easy once you identify the injection points. These injection points weren’t the most trivial though which caused me to...

Introduction The initial access of this machine was quite trivial.It was made a little bit more difficutl because the creator didn’t use the default program file but added a new one. This howeve...

Introduction The initial access was quite trivial but an interesting cross site scripting deliver using cross site scripting in requests headers. The privilege escalation method is also a very t...

Introduction The initial access was quite clear in the way you had to exploit the service. but actually exploiting it required some tinkering. This gave me some practice in trying to evade malic...

Introduction Jab was for me a fun experience to play around with some new technology that i didn’t have much experience with yet. This made it a little bit harder to get into initially but once ...

Introduction This box was up untill this point one of my personal favourites. The road to initial access required a healthy mix of web app vulnerabilities as well as common active directory enum...

Introduction Personally i found the initial access of the machine very interesting the name and the webpage gave away what it was instantly because the log4j exploit was very popular in the medi...