Python

🎥I have a backlog of recorded videos🎥 so you get another bonus walkthrough! This is a walkthrough of Offsec Proving Grounds machine called "Symbolic". In this walkthrough we exploit a HTML to PDF website using tools like gobuster, a Google Project Zero tool called CreateSymlink, and privesc with SSH key…

📣This is a walkthrough of the Offsec machine called "Sorcerer". I really enjoyed this one and there aren't too many walkthroughs of it available, so I hope this helps! It features exploitation using gobuster, script modification, scp, SSH Keys, and abusing binaries with the SUID set. I learned a lot…

This is a walkthrough of the OffSec machine called "Outdated" (not to be confused with a Hack The Box machine of same name!). I haven't really seen many walkthroughs (if any) of this Offsec machine so, you're welcome! It features the exploitation of mPDF using local file inclusion, SSH port…

🚨Walkthrough of the machine called "Twiggy" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. I had some issues with figuring out how to take advantage of the exploit but eventually prevailed after some experimentation. We take advantage of a RCE in ZeroMQ ZMTP software…

New OffSec Proving Grounds Walkthrough of a machine called Pyload. In this video we create a python virtual environment and use a python exploit to gain root access on the machine by exploiting an application called Pyload. **SPOILERS** I show you how to pwn the box, so if you don't…