Welcome!

My name is Chris and I am a Jack of all Trades, technophile with a special focus on cybersecurity and cloud solutions. I am originally from Toronto, Ontario, and currently living in the Cayman Islands.

CHRISTOPHER SOEHNLEIN

"*" indicates required fields

Name*

First Last

Email*

Phone*

Comments

This field is for validation purposes and should be left unchanged.

Digital Solutions

Below are just some of the vendors and technologies I've worked with, implemented or maintained.

“Wisdom is not a product of schooling but of the lifelong attempt to acquire it.”

Albert Einstein

Theoretical physicist

My Creative Side

Christopher Soehnlein2021-01-21T15:09:49-05:00

IslandDog

Concept, WordPress

Christopher Soehnlein2020-09-14T10:56:46-05:00

ODAAT

Concept, WordPress

Christopher Soehnlein2020-09-14T10:57:20-05:00

Ronco Cayman

Concept, WordPress

Christopher Soehnlein2020-09-14T09:55:46-05:00

Hurleys Media

Concept, WordPress

Christopher Soehnlein2020-09-14T09:57:51-05:00

First Resource

Concept, WordPress

Christopher Soehnlein2020-09-14T09:51:23-05:00

IPCA

Concept, WordPress

IslandDog Thoughts:
My blog which covers new technology, my life, HTB guides and more!

Explore More

HTB – Monitors

Christopher Soehnlein2021-10-09T10:46:17-05:00October 9th, 2021|Categories: HTB, Technology|Tags: Cacti, CAP_SYS_MODULE, docker, HTB, Monitors, Pivot, Tomcat, WordPress|

Monitors is an Hard box from HTB and created by TheCyberGeek. This box features a WordPress plugin exploit via wp-with-spritz allowing for LFI/RFI and an internal docker with Apache Tomcat running.

HTB – Blackfield

Christopher Soehnlein2020-10-10T10:39:40-05:00October 3rd, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|

Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.

HTB – Talkative

Christopher Soehnlein2022-08-24T14:50:20-05:00August 24th, 2022|Categories: HTB, Technology|Tags: BoltCMS, chisel, CVE-2021-22911, jamovi, Linux, mongodb, pwncat, RjEditor, RocketChat, shocker|

Talkative HTB has an outdated Jamovi with an R code exploit. On the box you pivot to the 172 range, get creds on MongoDB and a web-hook on Rocketchat for root.

HTB – StreamIO

Christopher Soehnlein2022-08-19T13:39:23-05:00August 19th, 2022|Categories: HTB, Technology|Tags: BloodHound, Evil-WinRM, ffuf, Firefox, firefoxdecrypt, john, LAPS, LFI, PowerShell, SQLMap|

StreamIO from HTB features a website with an exploitable login and parameter. Once on the box we use BloodHound alongside the Firefox profile creds for root.

HTB – Trick

Christopher Soehnlein2022-08-19T12:59:44-05:00August 19th, 2022|Categories: HTB, Technology|Tags: dig, DNS, Fail2Ban, ffuf, LFI, Linux|

Trick from HTB features a hidden sub-domain vulnerable to LFI which gets us the SSH key to user. For root we enumerate the database and use fail2ban.

HTB – Paper

Christopher Soehnlein2022-07-01T09:55:41-05:00June 30th, 2022|Categories: HTB, Technology|Tags: CVE-2019-17671, CVE-2021-3560, Polkit, WordPress|

Paper from HTB features an outdated WordPress environment and hidden sub-domain. On the box you use PolKit exploit CVE-2021-3560 made by the author for root.

HTB – Meta

Christopher Soehnlein2022-06-08T15:33:21-05:00June 8th, 2022|Categories: HTB, Technology|Tags: CVE-2021-22204, ImageMagick, Linux, Mogrify, neofetch, sub-domain, XDG_CONFIG_HOME|

Paper from HTB features an outdated WordPress environment and hidden sub-domain. On the box you use PolKit exploit CVE-2021-3560 made by the author for root.

HTB – Pandora

Christopher Soehnlein2022-06-08T15:32:08-05:00June 8th, 2022|Categories: HTB, Technology|Tags: CVE-2021-32099, Linux, pandora_backup, PandoraFMS, PATH, PATH Abuse, PortForwarding, SNMP-Check, SSH, UDP, WSO|

Pandora from HTB features Port 161 running UDP which shows a password. Next you use CVE-2021-32099, a php web-shell and pandora_backup for root.

HTB – Search

Christopher Soehnlein2022-07-01T12:16:47-05:00June 8th, 2022|Categories: HTB, Technology|Tags: BloodHound, CrackMapExec, crackpfkcs12, exce, FeroxBuster, Impacket, KerBrute, password-reuse, Windows|

Search from HTB features a website with credential leakage via a image and a domain controller you exploit to escalate. Finally we use GenericAll for root.

HTB – Devzat

Christopher Soehnlein2022-06-08T15:34:54-05:00June 8th, 2022|Categories: HTB, Technology|Tags: .git, command injection, CVE-2019-20933, devzat, diff, FeroxBuster, ffuf, InfluxDB|

Devzat from HTB features a sub-domain with command injection. On the box you find an exploitable InfluxDB running and a dev chat with a file command for root.

HTB – Backdoor

Christopher Soehnlein2022-04-25T10:03:01-05:00April 23rd, 2022|Categories: HTB, Technology|Tags: ebook-download, ffuf, gdbserver, LFI, MSFVenom, proc, screen, WordPress|

Backdoor from HTB features a WordPress environment with an LFI. We use the LFI to find gdbserver which we exploit. Finally we use screen, which runs as root.

HTB – Shibboleth

Christopher Soehnlein2022-04-01T11:12:34-05:00April 1st, 2022|Categories: HTB, Technology|Tags: CVE-2021-27928, ffuf, IPMI, john, MariaDB, UDP, Zabbix|

Shibboleth from HTB features an exploitable IPMI open on UDP and Zabbix actions for a reverse shell. Once on the box we exploit a vulnerable MariaDB for root.

Welcome!

Digital Solutions

“Wisdom is not a product of schooling but of the lifelong attempt to acquire it.”

Albert Einstein

My Creative Side

IslandDog Thoughts: My blog which covers new technology, my life, HTB guides and more!

IslandDog Thoughts:
My blog which covers new technology, my life, HTB guides and more!