Welcome!

My name is Chris and I am a Jack of all Trades, technophile with a special focus on cybersecurity and cloud solutions. I am originally from Toronto, Ontario, and currently living in the Cayman Islands.

CHRISTOPHER SOEHNLEIN

Digital Solutions

Below are just some of the vendors and technologies I've worked with, implemented or maintained.

“Wisdom is not a product of schooling but of the lifelong attempt to acquire it.”

Albert Einstein

Theoretical physicist

My Creative Side

Christopher Soehnlein2021-01-21T15:09:49-05:00

IslandDog

Concept, WordPress

Christopher Soehnlein2020-09-14T10:56:46-05:00

ODAAT

Concept, WordPress

Christopher Soehnlein2020-09-14T10:57:20-05:00

Ronco Cayman

Concept, WordPress

Christopher Soehnlein2020-09-14T09:55:46-05:00

Hurleys Media

Concept, WordPress

Christopher Soehnlein2020-09-14T09:57:51-05:00

First Resource

Concept, WordPress

Christopher Soehnlein2020-09-14T09:51:23-05:00

IPCA

Concept, WordPress

IslandDog Thoughts:
My blog which covers new technology, my life, HTB guides and more!

Explore More

HTB – Monitors

Christopher Soehnlein2021-10-09T10:46:17-05:00October 9th, 2021|Categories: HTB, Technology|Tags: Cacti, CAP_SYS_MODULE, docker, HTB, Monitors, Pivot, Tomcat, WordPress|

Monitors is an Hard box from HTB and created by TheCyberGeek. This box features a WordPress plugin exploit via wp-with-spritz allowing for LFI/RFI and an internal docker with Apache Tomcat running.

HTB – Blackfield

Christopher Soehnlein2020-10-10T10:39:40-05:00October 3rd, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|

Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.

HTB – Backdoor

Christopher Soehnlein2022-04-25T10:03:01-05:00April 23rd, 2022|Categories: HTB, Technology|Tags: ebook-download, ffuf, gdbserver, LFI, MSFVenom, proc, screen, WordPress|

Backdoor from HTB features a WordPress environment with an LFI. We use the LFI to find gdbserver which we exploit. Finally we use screen, which runs as root.

HTB – Shibboleth

Christopher Soehnlein2022-04-01T11:12:34-05:00April 1st, 2022|Categories: HTB, Technology|Tags: CVE-2021-27928, ffuf, IPMI, john, MariaDB, UDP, Zabbix|

Shibboleth from HTB features an exploitable IPMI open on UDP and Zabbix actions for a reverse shell. Once on the box we exploit a vulnerable MariaDB for root.

HTB – Pandora

Christopher Soehnlein2022-03-06T13:20:47-05:00March 6th, 2022|Categories: HTB, Technology|Tags: CVE-2021-32099, Linux, pandora_backup, PandoraFMS, PATH, PATH Abuse, PortForwarding, SNMP-Check, SSH, UDP, WSO|

Pandora from HTB features Port 161 running UDP which shows a password. Next you use CVE-2021-32099, a php web-shell and pandora_backup for root.

HTB – Meta

Christopher Soehnlein2022-02-24T11:53:44-05:00February 24th, 2022|Categories: HTB, Technology|Tags: CVE-2021-22204, ImageMagick, Linux, Mogrify, neofetch, sub-domain, XDG_CONFIG_HOME|

Paper from HTB features an outdated WordPress environment and hidden sub-domain. On the box you use PolKit exploit CVE-2021-3560 made by the author for root.

HTB – Paper

Christopher Soehnlein2022-02-21T13:30:46-05:00February 21st, 2022|Categories: HTB, Technology|Tags: CVE-2019-17671, CVE-2021-3560, Polkit, WordPress|

Paper from HTB features an outdated WordPress environment and hidden sub-domain. On the box you use PolKit exploit CVE-2021-3560 made by the author for root.

HTB – Bolt

Christopher Soehnlein2022-02-21T12:00:24-05:00February 19th, 2022|Categories: HTB, Technology|Tags: CyberChef, john, password-reuse, PGP, sqlite3, SSTI, sub-domain, VHOST|

Bolt from HTB features a website information leakage, subdomains and an SSTI. Once on the box we decrypt a PGP key and encrypted mail for root.

HTB – Horizontall

Christopher Soehnlein2022-02-07T10:12:23-05:00February 6th, 2022|Categories: HTB, Technology|Tags: CVE-2021-3129, Exploit_50239, ffuf, GoBuster, Horizontall, HTB, rustscan, strapi, VHOST|

Horizontall features a hidden vhost with an exploitable strapi. Once on the box we exploit a vulnerable laravel using an SSH port forward.

HTB – Forge

Christopher Soehnlein2022-01-22T10:59:18-05:00January 22nd, 2022|Categories: HTB, Technology|Tags: BurpSuite, GoBuster, LFI, Linux, Python Debugger, python3, rustscan, VHOST|

Forge by NoobHacker9999 features a directory traversal/LFI exploitable website and hidden vhost. Once on the box you use python debugger on a script for root.

HTB – Search

Christopher Soehnlein2022-01-23T00:46:38-05:00January 21st, 2022|Categories: HTB, Technology|Tags: BloodHound, CrackMapExec, crackpfkcs12, exce, FeroxBuster, Impacket, KerBrute, password-reuse, Windows|

Search from HTB features a website with credential leakage via a image and a domain controller you exploit to escalate. Finally we use GenericAll for root.

HTB – Devzat

Christopher Soehnlein2022-01-23T00:51:00-05:00January 14th, 2022|Categories: HTB, Technology|Tags: .git, command injection, CVE-2019-20933, devzat, diff, FeroxBuster, ffuf, InfluxDB|

Devzat from HTB features a sub-domain with command injection. On the box you find an exploitable InfluxDB running and a dev chat with a file command for root.

Welcome!

Digital Solutions

“Wisdom is not a product of schooling but of the lifelong attempt to acquire it.”

Albert Einstein

My Creative Side

IslandDog Thoughts: My blog which covers new technology, my life, HTB guides and more!

IslandDog Thoughts:
My blog which covers new technology, my life, HTB guides and more!