Apr 13, 2021

10 min read

[HTB] Unattended — Writeup (OSWE-Prep)

Unattended was a medium difficulty Linux box. Good learning path for:

Nginx off-by-slash Attack
SQLi (boolean-based Blind)
SQLi → LFI (Abusing Existing <?php include(); ?>)
LFI → PHP Session Poisoning → RCE
Socket TTY Shell
Linux initrd Exploit

--

More from bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

[ExpDev] Custom Go Crypter

{UPDATE} WordPile Hack Free Resources Generator

in

Coinplug

Coinplug launches the Blacklist Sharing Platform

HOW CAN I UPGRADE MY INTERNET SPEED WITHOUT SPENDING MONEY

in

Immunefi

Cream Finance Insufficient Validation Bugfix Review

Free educational Resources for Cybersecurity

{UPDATE} 水平思考ウミガメのスープ Hack Free Resources Generator

in

Tales from a Security Professional

What more you can do with vulnerability data?

About Help Terms Privacy

Get the Medium app

bigb0ss

bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

More from Medium

Road to OSCP 11: Blocky HackTheBox

TryHackMe: Linux Strength Training Walkthrough

HackTheBox — Shibboleth Writeup

Admin has the power cybertalents challenge solving writeup

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Knowable