A tricky machine where we had to phish the administrator to obtain the credentials using tabnabbing technique. Next exploiting sentry application to execute command injection. Third Stage is to rev...
An easy box with an unvalidated redirection vulnerability, access to registration page and dump the file sitebackup.zip and exploit a post parameter to get remote code execution on the machine. Use...
A very good box with a good knowledge on how postfix filters work and ubuntu apt installer.
A very tough box with a good knowlege of webservers and perl scripting and a bit of code workthrough.
Windows Active Directory Box
Fairly Easy box with a knowledge of XXE and code analysis.
Chaining the Windows trusted binary, FodHelper, for UAC bypass together with the ability to rewrite registry keys will safely disable ASMI allowing a PowerShell reverse shell.
Year of the Rabbit - TryHackMe was an easy box with lot of rabbit holes as the box name indicates can make you frustrate.