folder_open/ root / writeups

Security Logs & CTF Archives

Detailed walkthroughs of CTF challenges, vulnerability research, and pentesting labs.

check_circle42 Solved
MediumOct 12, 2023
HackTheBox: Retired Machine "Sauce"
tag#PrivilegeEscalation #Linux #Web 
root@sauce:~# cat /opt/trail_log
# Exploiting request basket via SSRF...
curl -X POST http://127.0.0.1:55555/api/baskets/mysession
buildTools:
Burp SuiteNmapRequest Baskets
EasySep 28, 2023
PicoCTF 2023: SQL Direct
tag#SQLi #Database

Connecting directly to a PostgreSQL database exposed on a port to retrieve the flag from a hidden table using basic SQL queries.

buildTools:
psqlKali Linux
HardAug 15, 2023
Custom Exploit: Buffer Overflow on x64
tag#BinaryExploitation #ROP 
# ROP Chain construction
rop = ROP(elf)
rop.call(elf.symbols['puts'], [elf.got['puts']])
rop.call(elf.symbols['main'])
buildTools:
GDBPwntoolsPython