Ladies and gentlemen ; I have gathered you here today to discuss the life of another fallen one. It is with great sadness that we announce the LFI on BOA webserver ; BOA is a favorite among many using embedded nix systems to use as a webserver due to its efficiency but alas it has […]
This simple post will take you through the process of adding an arbitrary file download exploit to mth3l3m3nt ; so yes no excuse to not have a working PoC for LFI or arbitrary file downloads because “I can’t code”. We will use the case of WordPress Plugin Membership Simplified v1.58 – Arbitrary File Download whose process of coming […]
Jimmy the troll (unknown)
Download Unknown.ova here (782.44 MB) This CTF was made by Jimmy to test a number of aspects. It was also keen as the previous one on attention to some details. So without further ado, lets get into what made this journey awesome. Know About Thy Target This was the first step and for this I […]
It’s Finally out there the OWASP Mth3l3m3nt Framework . It’s a small tool to aid you in carrying out your pentest tasks with as little resources as possible. Most of us can afford the simple shared hosting services but not a powerful enough VPS to run pentest distros especially due to cost constraints. This one […]