Blog


Topic:

Wet Leg - Wet Leg (Review) - What I'm Listening To (WILT)

Thu, Apr 14, 2022

My review of Wet Leg's debut album and Sheffield album launch gig.

Widowspeak - The Jacket (Review) - What I'm Listening To (WILT)

Fri, Mar 18, 2022

My review of Widowspeak's 2022 record, the Jacket.

Introduction - What I'm Listening To (WILT)

Fri, Mar 18, 2022

An introduction to WILT, my music blog series.

My OSCP Experience

Sat, Oct 16, 2021

How I prepared, what I learned, and tips for future students

OSCP Practice Exam Writeups - Cybersecurity

Wed, Sep 29, 2021

Writeups of two unofficial OSCP practice exams, with sample reports.

Writeup - Hack the Box (HTB)

Sun, Aug 01, 2021

My writeup for the HacktheBox Writeup machine. This was a really fun box that used a CMS vulnerability to grab a user password, and a MOTD exploit for root.

Devel - Hack the Box (HTB)

Sun, Aug 01, 2021

My writeup for the HacktheBox Devel machine. A simple box involving an unrestricted webshell upload and Juicy Potato for System.

Shocker - Hack the Box (HTB)

Sun, Aug 01, 2021

My writeup for the HacktheBox Shocker machine. An easy box that involved exploiting Shellshock followed by a Perl GTFOBin.

Armageddon - Hack the Box (HTB)

Sat, Jul 24, 2021

My writeup for the HacktheBox Armageddon machine. An easy box that used a Drupal exploit followed by Dirty Sock, an exploit of snap running as root.

Atom - Hack the Box (HTB)

Sun, Jul 18, 2021

My writeup for the HacktheBox Atom machine. A medium-rated box that involved exploiting an auto-updater in an Electron app and finding some exposed Redis credentials.

Optimum - Hack the Box (HTB)

Sun, Jun 20, 2021

My writeup for the HacktheBox Optimum Machine. An easy machine that involved exploiting HFS and MS16-030.

OSCP Preparation Series - An Introduction

Sun, Jun 20, 2021

Some brief thoughts on where I am on my OSCP journey, and why I'm doing writeups the way I am.

Scriptkiddie - Hack the Box (HTB)

Sat, Jun 12, 2021

My writeup for the HacktheBox Scriptkiddie machine. A fairly easy but extremely fun and flavourful Linux machine involving breaking a kid hacker's site.

Cereal - Hack the Box (HTB)

Thu, Jun 10, 2021

My writeup for the HacktheBox Cereal Machine (User only). A really difficult Web machine involving a chain of XSS and Deserialisation vulnerabilities in a .NET application.

Bashed - Hack the Box (HTB)

Thu, May 06, 2021

My writeup for the HacktheBox Bashed Machine, a box that involved finding a built-in PHP shell on a website for foothold, and exploiting an automated root process for root.

Jerry - Hack the Box (HTB)

Tue, May 04, 2021

My writeup for the HacktheBox Jerry Machine, an easy box that involves uploading a malicious WAR file to a badly secured Tomcat server.

Lame - Hack the Box (HTB)

Tue, May 04, 2021

My writeup for the HacktheBox Lame Machine, an easy box that involves exploiting a command injection in SMB login.

Legacy - Hack the Box (HTB)

Sun, May 02, 2021

My writeup for the HacktheBox Legacy Machine, another simple box that requires exploiting Eternal Blue on Windows XP.

Blue - Hack the Box (HTB)

Sat, May 01, 2021

My writeup for the HacktheBox Blue Machine, a simple box that requires exploiting Eternal Blue to get SYSTEM access.

Bucket - Hack the Box (HTB)

Thu, Apr 29, 2021

My writeup for the HacktheBox Bucket Machine. An extremely fun medium-rated machine that involved AWS Localstack and exploiting a locally hosted website.