Writeup
MAQUINA WALKINGCMSMAQUINA MYBB (Virtual Host - MYBB 1.8.35 RCE CVE-2023-41362 - PrivEsc Sudo rb)MAQUINA PN (EXPLOIT UPLOAD .WAR TOMCAT - RCE 'MSFVENOM')MAQUINA DANCE SAMBA (Enum4linux Smbclient ssh keygen id_rsa PrivEsc file})MAQUINA PYSCHO (Fuzzing Parametros VULN WEB LFI con FUZZ Pivoting User PrivEsc {python3 paw.py})MAQUINA VENENO (Fuzzing parámetro LFI RCE log poisoning)MAQUINA NODECLIMB (FTP anonymous - zip2john - PrivEsc 'binario NODE')MAQUINA whereismywebshell (FUZZING de PARAMETROS con FUFF - RCE)MAQUINA INCLUSION (Fuzz WEB - LFI - Brute Force User - PrivEsc PHP)MAQUINA HACKERZONE (Fuzzing Web - Upload Revershell - Mov Lateral - PrivEsc sudo -l 'cat')MAQUINA APOLO ( FUZZING WEB + SQLMAP url-cookie + cracking passwd user + Group shadow)MAQUINA ASUCAR ( WORDPRESS + BRUTEFORCE 'HYDRA' + PRIVESC 'PUTTYGEN')MAQUINA BASHPARIENCIAS (PIVOTING USER + PRIV ESC. 'suplantacion con TEE')MAQUINA BorazuwarahCTFMAQUINA CHMOD 4755 (BRUTE FORCE SAMBA - ESCAPAR DE RBASH - CURL PARA ESCALADA DE PRIV)MAQUINA CHANGELOG (BRUTE FORCE USER + PRIV ESC 'NANO')MAQUINA CHOCOLATEFIRE (Openfire CVE-2023-32315 + FORCE BRUTE SSH + PRIVESC SUBSHELL o PERM SUID bashMAQUINA AGUA DE MAYO (DECODE BRAYNFUCK + BINARY BETTERCAP PRIVESC. + PRIVescalation LXD)