↓Skip to main content

FTP

OFFSEC - Proving Grounds - DEPLOYER

18 September 2025·3782 words·18 mins

OFFSEC PG PRACTICE FTP PHP PHP SERIALIZE DOCKER DOCKER BUILD

Anonymous FTP on port 21 gives site config and PHP code. Exploit LFI, drop PHP shell, gain initial access. Upload SSH key, use sudo docker build to get /opt/id_rsa.bak and escalate to root.

OFFSEC - Proving Grounds - WORKAHOLIC

16 August 2025·2806 words·14 mins

OSCP OFFSEC PG PRACTICE WPPROBE SQLMAP HASHCAT FTP STRACE GCC

Use OFFSEC creds or scan Wordpress. Exploit a Wordpress vulnerability (CVE-2024-9796), crack hashes for charlie/ted. FTP as ted and SSH in as charlie. Escalate to root via SUID binary with custom shared object.