VOIDREAD

Home Posts Writeups

VOIDREAD

Notes from the fog. Records from the breach.

Recent

HTB . 03

CCTV - HTB

Easy Linux CCTV machine abusing ZoneMinder and MotionEye flaws through SQL injection and escalation. [Unintended]

HTB . 29

Pirate - HTB

Windows Active Directory challenge centered on delegation, Kerberos, and privilege escalation workflows.

AD . 17

Valid User (No Password)

Valid User (No Password) techniques and commands for Active Directory security assessment.

AD . 16

Trusts

Trusts techniques and commands for Active Directory security assessment.

Wandering

HTB . 37

Soulmate - HTB

Easy Linux machine using CrushFTP auth bypass for admin access, webshell upload, leaked Erlang creds, and an Erlang SSH service to read root files.

HTB . 21

HackNet - HTB

Medium Linux machine with Django SSTI in a social feed, cache deserialization abuse, GPG passphrase cracking, and DB backup recovery for root.

HTB . 42

WhiteRabbit - HTB

Multi-service Linux target featuring vhost discovery, a signed webhook path into a backend database, and a backup/credential recovery chain that unlocks SSH access and privileged tooling.

HTB . 19

Giveback - HTB

Medium Linux box chaining a GiveWP deserialization RCE with container pivoting, PHP-CGI injection, Kubernetes secret theft, and runc debug abuse for root.