↓Skip to main content

NXC

OFFSEC - Proving Grounds - RUSSIANDOLLS

12 October 2025·2291 words·11 mins

OFFSEC PG PRACTICE PATH TRAVERSAL NXC SUDO 1.9.14-17 CVE-2025-32463

On port 8080 the website loads images via local http URLs, found open port 4242 with FILE VIEWER app. Path traversal exposes passwords and allows access via SSH. sudo v1.9.15 exploited for root access using CVE-2025-32463 chroot escalation.

OFFSEC - Proving Grounds - SYBARIS

10 October 2025·1959 words·10 mins

OFFSEC PG PRACTICE FTP REDIS NXC PWNKIT

FTP on port 21 allows anonymous login and is writable. Redis 5.0.9 on port 6379 is exploitable by uploading a Redis module via FTP and exploit Redis for pablo access, then use pwnkit (CVE-2021-4034) to escalate to root.