Zetta write-up by limbernie

From RFC2428 to capture IPv6 address, to rsync hidden module, to SQLi through syslog. What a ride!

https://hackso.me/zetta-htb-walkthrough/

limbernie
Write-ups of retired machines

Comments

  • That is great writeup, thanks for sharing)

    tabacci

  • very good

    peek

  • That was a really good summary of the box! One thing I'd like to add is that you could also log the INSERT INTO commands for debugging purposes via /var/log/postgres/main/log.1 (something like that, I don't have my VM on right now).

  • Great job! I think it is worth mentioning which configuration mistake causes that you can download the content of /etc.

    bumika

Sign In to comment.