Writeups

TryHackMe: Library Writeup

Boot2root machine exploitation featuring SSH brute-forcing with Hydra, privilege escalation via misconfigured sudo permissions, and Python script manipulation.

Covered reconnaissance, credential discovery through robots.txt, and root access through GTFOBins techniques.

Read Writeup

TryHackMe: Thomson Writeup

Apache Tomcat exploitation using Ghostcat vulnerability (CVE-2020-1938) and privilege escalation through cron job manipulation.

Included directory enumeration, credential discovery, WAR file deployment, and root flag capture via writable scripts.

Read Writeup