GOBUSTER
OFFSEC - Proving Grounds - APEX
·2786 words·14 mins
OFFSEC PG PRACTICE
OPENEMR
MYSQL
FILEMANAGER
GOBUSTER
Exploit filemanager vuln on port 80 for OpenEMR SQL creds. Login to MySQL, get admin hash for app access. Use app exploit for initial access, reuse password for root escalation.
OFFSEC - Proving Grounds - COCKPIT
·1373 words·7 mins
OSCP
OFFSEC PG PRACTICE
TAR
GOBUSTER
SQL inject login to get admin & additional creds. Use credentials in Ubuntu Web Console. Exploit sudo tar wildcard to escalate to root.