My name is Chris and I am a Jack of all Trades, technophile with a special focus on cybersecurity and cloud solutions. I am originally from Toronto, Ontario, and currently living in the Cayman Islands.
"*" indicates required fields
Below are just some of the vendors and technologies I've worked with, implemented or maintained.
Christopher Soehnlein2023-08-14T08:13:57-05:00August 13th, 2023|Categories: HTB, Technology|Tags: CVE-2023-32784, Keepass, Linux, MasterKey, Request Tracker|
Keeper from HTB features RT running with default creds. Once on the box we use CVE-2023-32784 and puttygen for root.
Christopher Soehnlein2023-08-13T16:44:27-05:00August 11th, 2023|Categories: HTB, Technology|Tags: Cacti, CVE-2021-41091, docker, john, Linux, MySQL, TheCyberGeek|
MonitorsTwo from HTB features a vulnerable cacti docker. Once on the box we use user_auth table and CVE-2021-41091 for root.
Christopher Soehnlein2023-08-13T16:45:03-05:00August 10th, 2023|Categories: HTB, Technology|Tags: .git, docker, gitea, kavigihan, PATH, Searchor, sub-domain|
Busqueda from HTB features a vulnerable Searchor web app. On the box we use git, gitea, password reuse and running scripts for root.
Christopher Soehnlein2023-08-13T16:44:39-05:00August 10th, 2023|Categories: HTB, Technology|Tags: .git, binwalk, CVE-2022-44268, CVE-2022-4510, git-dumper, ImageMagick, Linux|
Pilgrimage from HTB features a .git directory showing a vulnerability with ImageMagick allowing file read. On the box we exploit binwalk for root.
Christopher Soehnlein2023-08-08T10:28:13-05:00July 12th, 2023|Categories: HTB, Technology|Tags: dig, DNS, Fail2Ban, ffuf, LFI, Linux|
Trick from HTB features a hidden sub-domain vulnerable to LFI which gets us the SSH key to user. For root we enumerate the database and use fail2ban.
Christopher Soehnlein2022-10-10T10:02:25-05:00October 10th, 2022|Categories: HTB, Technology|Tags: BloodHound, Evil-WinRM, ffuf, Firefox, firefoxdecrypt, john, LAPS, LFI, PowerShell, SQLMap|
StreamIO from HTB features a website with an exploitable login and parameter. Once on the box we use BloodHound alongside the Firefox profile creds for root.
Christopher Soehnlein2022-08-24T14:50:20-05:00August 24th, 2022|Categories: HTB, Technology|Tags: BoltCMS, chisel, CVE-2021-22911, jamovi, Linux, mongodb, pwncat, RjEditor, RocketChat, shocker|
Talkative HTB has an outdated Jamovi with an R code exploit. On the box you pivot to the 172 range, get creds on MongoDB and a web-hook on Rocketchat for root.
Christopher Soehnlein2022-07-01T09:55:41-05:00June 30th, 2022|Categories: HTB, Technology|Tags: CVE-2019-17671, CVE-2021-3560, Polkit, WordPress|
Paper from HTB features an outdated WordPress environment and hidden sub-domain. On the box you use PolKit exploit CVE-2021-3560 made by the author for root.
Christopher Soehnlein2022-06-08T15:33:21-05:00June 8th, 2022|Categories: HTB, Technology|Tags: CVE-2021-22204, ImageMagick, Linux, Mogrify, neofetch, sub-domain, XDG_CONFIG_HOME|
Christopher Soehnlein2022-06-08T15:32:08-05:00June 8th, 2022|Categories: HTB, Technology|Tags: CVE-2021-32099, Linux, pandora_backup, PandoraFMS, PATH, PATH Abuse, PortForwarding, SNMP-Check, SSH, UDP, WSO|
Pandora from HTB features Port 161 running UDP which shows a password. Next you use CVE-2021-32099, a php web-shell and pandora_backup for root.
©2014 – 2023 • ISLANDDOG • Powered by WordPress