My name is Chris and I am a Jack of all Trades, technophile with a special focus on cybersecurity and cloud solutions. I am originally from Toronto, Ontario, and currently living in the Cayman Islands.
Below are just some of the vendors and technologies I've worked with, implemented or maintained.
Christopher Soehnlein2021-10-09T10:46:17-05:00October 9th, 2021|Categories: HTB, Technology|Tags: Cacti, CAP_SYS_MODULE, docker, HTB, Monitors, Pivot, Tomcat, WordPress|
Monitors is an Hard box from HTB and created by TheCyberGeek. This box features a WordPress plugin exploit via wp-with-spritz allowing for LFI/RFI and an internal docker with Apache Tomcat running.
Christopher Soehnlein2020-10-10T10:39:40-05:00October 3rd, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|
Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.
Christopher Soehnlein2021-10-01T15:03:39-05:00September 14th, 2021|Categories: HTB, Technology|Tags: BurpSuite, GoBuster, LFI, Linux, Python Debugger, python3, rustscan, VHOST|
Forge by NoobHacker9999 features a directory traversal/LFI exploitable website and hidden vhost. Once on the box you use python debugger on a script for root.
Christopher Soehnlein2021-09-10T10:52:50-05:00September 10th, 2021|Categories: HTB, Technology|Tags: CVE-2020-14321, FreeBSD, HTB, moodle, Schooled, sub-domain, XSS|
Schooled is an Medium box from HTB and created by TheCyberGeek. This box features a XSS exploit and priv esc via moodle and a malicious pkg for root.
Christopher Soehnlein2021-09-10T08:20:15-05:00September 7th, 2021|Categories: Technology|Tags: GitHub, HTB, i3, i3-gaps, Kali, PwnBox, theGuildHall, xct|
Using theGuildHall - pwnbox and xct - kali-clean to create a more personalized and optimized environment well still keeping that pwnbox look and feel.
Christopher Soehnlein2021-10-01T15:21:58-05:00September 1st, 2021|Categories: HTB, Technology|Tags: CVE-2021-3129, Exploit_50239, ffuf, GoBuster, Horizontall, HTB, rustscan, strapi, VHOST|
Horizontall features a hidden vhost with an exploitable strapi. Once on the box we exploit a vulnerable laravel using an SSH port forward.
Christopher Soehnlein2021-08-30T10:40:01-05:00August 27th, 2021|Categories: HTB, Technology|Tags: chef, HTB, Knife, PHP, ruby|
Knife is an Easy box from HTB and created by MrKN16H. This box features a PHP and chef based exploit.
Christopher Soehnlein2021-10-01T15:08:38-05:00August 17th, 2021|Categories: HTB, Technology|Tags: FeroxBuster, gzip, MySQL, PATH, POST, python_exec, tty_python|
Previse from HTB features an exploitable website with POST request registration and a unsanitized parameter. On the box you use PATH injection on a script to get root.
Christopher Soehnlein2021-10-01T15:10:06-05:00August 13th, 2021|Categories: HTB, Technology|Tags: APT, BypassLogin, Disclaimer, enum4linux, ffuf, GTFOBins, NMAP, PostFix, python3, SID_users, SMTP, SQL|
Writer from HTB features a website with a weak login and a code executable uploader. Once on the box we exploit postfix and apt allowing us to get root.
Christopher Soehnlein2021-08-05T10:44:18-05:00August 5th, 2021|Categories: HTB, Technology|Tags: AlwaysInstallElevated, HTB, love, MSFVenom, SSL|
Love is an Easy box from HTB and created by pwnmeow. This box features subdomain lookups and AlwaysInstallElevated privesc.
©2014 – 2021 • ISLANDDOG • Powered by WordPress