SQLMAP
OFFSEC - Proving Grounds - GROOVE
·1418 words·7 mins
OFFSEC PG PRACTICE
CHURCHCRM
SQLMAP
HASHCAT
ChurchCRM 4.5.1 on port 80 has weak credentials. Using an SQL injection via sqlmap reveals the root hash. Cracking it grants root access.
OFFSEC - Proving Grounds - SILICON
·1560 words·8 mins
OFFSEC PG PRACTICE
SQLMAP
KORTEX ADVOCATED software on port 8000 has an SQLi vulnerability (CVE-2024-7640). Dump and crack hashes for initial access, then escalate to root via ruby3.1.
OFFSEC - Proving Grounds - WORKAHOLIC
·2806 words·14 mins
OSCP
OFFSEC PG PRACTICE
WPPROBE
SQLMAP
HASHCAT
FTP
STRACE
GCC
Use OFFSEC creds or scan WordPress. Exploit a WordPress vulnerability (CVE-2024-9796) and crack hashes for charlie/ted. FTP as ted and SSH in as charlie. Escalate to root via a SUID binary with a custom shared object.