My name is Chris and I am a Jack of all Trades, technophile with a special focus on cybersecurity and cloud solutions. I am originally from Toronto, Ontario, and currently living in the Cayman Islands.
Below are just some of the vendors and technologies I've worked with, implemented or maintained.
Christopher Soehnlein2021-08-17T10:28:53-05:00August 13th, 2021|Categories: HTB, Technology|Tags: APT, BypassLogin, Disclaimer, enum4linux, ffuf, GTFOBins, NMAP, PostFix, python3, SID_users, SMTP, SQL|
Writer from HTB features a website with a weak login and a code executable uploader. Once on the box we exploit postfix and apt allowing us to get root.
Christopher Soehnlein2021-08-05T10:44:18-05:00August 5th, 2021|Categories: HTB, Technology|Tags: AlwaysInstallElevated, HTB, love, MSFVenom, SSL|
Love is an Easy box from HTB and created by pwnmeow. This box features subdomain lookups and AlwaysInstallElevated privesc.
Christopher Soehnlein2021-07-30T10:27:34-05:00July 30th, 2021|Categories: HTB, Technology|Tags: CSRF, CVE-2019-5736, docker, HTB, JWT, TheNotebook, WSO|
TheNotebook is an Medium box from HTB and created by mostwanted002. This box features a CSRF exploit via JWT and a docker exploit.
Christopher Soehnlein2021-07-30T10:18:25-05:00July 29th, 2021|Categories: HTB, Technology|Tags: BurpSuite, CyberChef, eval, LFI, Linux, python3, URLEncode, XML, XXE|
BountyHunter is an Easy box by ejedev. It has a poorly configured XML form vulnerable to an XXE/LFI which gives us creds. Next we exploit a script for root.
Christopher Soehnlein2021-07-27T09:21:53-05:00July 27th, 2021|Categories: HTB, Technology|Tags: cron, ffuf, LDAP, ldapsearch, LFI, Linux, nginx, NMAP, vsftp|
Pikaboo is a Hard box created by pwnmeow and polarbearer. It features poorly configured web server vulnerable to an LFI and log poisoning technique.
Christopher Soehnlein2021-07-23T11:08:07-05:00July 23rd, 2021|Categories: HTB, Technology|Tags: DirtySock, Drupal, Drupalgeddon2, john, snap, WSO|
Armageddon is an Easy box from HTB and created by bertolis. This box features the widely known Drupalgeddon exploit and a DirtySock escalation.
©2014 – 2021 • ISLANDDOG • Powered by WordPress