We shall attack

Multiple vulnerabilities in the belloo dating script 4.2.7.7

Regarding to the official site, Belloo (other possible names are premiumdatingscript, lindoo, social match) is a “High quality dating software with incredible out of the box ready-to-use function...

HackTheBox - Monitors | Writeup

Overview Monitors is defined as a hard-difficulty box: a lot of enumeration, 3 real-world CVE`s and docker container privilege escalation at the end. Notes Sometimes information from public e...

HackTheBox - Cap | Writeup

Overview Cap is a low-difficulty box. The exploitation and privilege escalation parts are pretty straightforward. Attention to detail and basic knowledge about Linux file capabilities are all tha...

Building a docker service honeypot

Building a Docker Service Honeypot Introduction One of the well-known misconfigurations for docker is an exposure of control API. By default, the docker client (CLI) communicates with the daemon u...