↓Skip to main content

SSH2JOHN

OFFSEC - Proving Grounds - PASSPORT

11 October 2025·2987 words·15 mins

OFFSEC PG PRACTICE FEROXBUSTER SSH2JOHN JOHN TMUX

Access website on port 80, extract credentials, log into FTP. Crack Luigi’s SSH key and gain initial access. Move laterally to luca and attach to a root tmux session for privilege escalation.

OFFSEC - Proving Grounds - SCRUTINY

16 August 2025·2638 words·13 mins

OSCP OFFSEC PG PRACTICE VHOST JOHN SSH2JOHN TEAMCITY

Initial access via OFFSEC credentials or TeamCity CVE-2024-27198 exploit, get id_rsa key for marcot and password of multiple users. Briand runs /usr/bin/systemctl as root, escalate to root using GTFOBins.