All Posts

Published on
November 25, 2024
Injection Writeup
CVE-2022-36231 Command-Injection Linux Hacking-Club
The Injection machine is vulnerable to Command Injection (CVE-2022-36231) and privilege escalation via sudo.
Published on
November 23, 2024
Bin Trunk Writeup
BOLA Linux Hacking-Club
Application has a BOLA vulnerability, unauthorized file access, SSH key usage, privilege escalation via SUID, and code execution.
Published on
November 19, 2024
Uploader Writeup
LFI RCE Linux
The application has vulnerabilities of Local File Inclusion (LFI), Remote Code Execution (RCE) via Jenkins, and privilege escalation using a SUID binary.
Published on
November 17, 2024
Convert Writeup
CVE-2023-33733 RCE Linux Hacking-Club
The application has remote code execution (RCE) vulnerabilities in the ReportLab library and privilege escalation via "Shared Library Hijacking".
Published on
November 14, 2024
CAP Writeup
API-REST SQLI IDOR Linux Hacking-Club
The application has the following vulnerabilities: endpoint enumeration via FUZZ, SQL Injection, remote command execution (RCE), and privilege escalation via Linux capabilities.

Injection Writeup