# 1gnotus ## Doc - [WHOAMI](https://1gnotus.gitbook.io/ignotus_pwn/whoami.md): Un poco de todo - [Mi camino a la OSCP😘](https://1gnotus.gitbook.io/ignotus_pwn/whoami/mi-camino-a-la-oscp.md): Try Harder y try harder .. No es la maquina si no quien la maneja. - [Mi primer Certificación la eJPT](https://1gnotus.gitbook.io/ignotus_pwn/whoami/mi-primer-certificacion-la-ejpt.md) - [Writeup](https://1gnotus.gitbook.io/ignotus_pwn/vulnyx/writeup.md) - [MAQUINA READY (Acces Anon Redis - Debugfs /dev/sda1 - crack id\_rsa)](https://1gnotus.gitbook.io/ignotus_pwn/vulnyx/writeup/maquina-ready-acces-anon-redis-debugfs-dev-sda1-crack-id_rsa.md): MAQUINA READY - [MAQUINA HAT (FUZZING WEB - BRUTE FORCE FTP - LFI - ACCESS IPV6 - PrivEsc NMAP)](https://1gnotus.gitbook.io/ignotus_pwn/vulnyx/writeup/maquina-hat-fuzzing-web-brute-force-ftp-lfi-access-ipv6-privesc-nmap.md): MAQUINA HAT - [Writeup](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup.md) - [MAQUINA JORDAK (Web RCE jordani 1.0.0 + PRIVESC 'env')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-jordak-web-rce-jordani-1.0.0-+-privesc-env.md) - [MAQUINA ALGERNON (VULn 'smartermail v6985 RCE')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-algernon-vuln-smartermail-v6985-rce.md) - [MAQUINA TWIGGY (CMS MEZZANINA RCE VULN ZEROMQ ZMTP o API SALTSTACK 3000.1 'cve 2020 11651')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-twiggy-cms-mezzanina-rce-vuln-zeromq-zmtp-o-api-saltstack-3000.1-cve-2020-11651.md) - [MAQUINA BOOLEAN (Modificacion de REQUEST con Burpsuite ' confirmed = true ' + LFI + UPLOAD ID\_RSA an](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-boolean-modificacion-de-request-con-burpsuite-confirmed-true-+-lfi-+-upload-id_rsa-an.md) - [MAQUINA AUTHBYT (FTP anonymous y credenciales por defecto + subida de archvio PHP revershell a FTP](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-authbyt-ftp-anonymous-y-credenciales-por-defecto-+-subida-de-archvio-php-revershell-a-ftp.md) - [MAQUINA CLAMV (VULN SMTP 25 'clamv' Sendmail 8.13 SEARCHSPLOIT)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-clamv-vuln-smtp-25-clamv-sendmail-8.13-searchsploit.md) - [MAQUINA COCKPIT (Gobuster extension php + Blaze CMS 'SQLI BYPASS LOGIN' + UBUNTU WEB + REVERSHELL +](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-cockpit-gobuster-extension-php-+-blaze-cms-sqli-bypass-login-+-ubuntu-web-+-revershell-+.md) - [MAQUINA CODO (CODOFORUM 5.1 'RCE + UPLOAD IMG.' + LINPEAS)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-codo-codoforum-5.1-rce-+-upload-img.-+-linpeas.md) - [MAQUINA CVE-2023-40582 (Vulnerabilidad de Inyección de Comando en find exec)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-cve-2023-40582-vulnerabilidad-de-inyeccion-de-comando-en-find-exec.md) - [MAQUINA CVE-2023-46818 (RCE CVE 2023 46818 ispconfig.)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-cve-2023-46818-rce-cve-2023-46818-ispconfig..md) - [MAQUINA DC 2 (Enum Users Wordpress WPSCAN + CEWL wordlists + BruteForce WPSCAN + PRIVESC bin git 'je](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-dc-2-enum-users-wordpress-wpscan-+-cewl-wordlists-+-bruteforce-wpscan-+-privesc-bin-git-je.md) - [MAQUINA DETECTION (WEB 'changedetection' port 5000 + VULN RCE 'changedetection RCE')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-detection-web-changedetection-port-5000-+-vuln-rce-changedetection-rce.md) - [MAQUINA ELECTION1 (Sito web Election 2.0 + PHPmyadmin login + Escalate Priv SERV U)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-election1-sito-web-election-2.0-+-phpmyadmin-login-+-escalate-priv-serv-u.md) - [MAQUINA DVR4 (web 'Argus Surveillance DVR version 4.0.0.0' + Vuln 'Argus Surveillance DVR DIRECTORY](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-dvr4-web-argus-surveillance-dvr-version-4.0.0.0-+-vuln-argus-surveillance-dvr-directory.md) - [MAQUINA EXFILTRED Subrion CMS v4.2.1 File Upload Bypass to RCE (Authenticated) UPLOAD PHAR 'CMD' PRI](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-exfiltred-subrion-cms-v4.2.1-file-upload-bypass-to-rce-authenticated-upload-phar-cmd-pri.md) - [MAQUINA FAIL (ENUM RSYNC 'PUERTO 873' + SSH- KEYGEN + PREVISEC 'GROUP FAIL2BAIN')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-fail-enum-rsync-puerto-873-+-ssh-keygen-+-previsec-group-fail2bain.md) - [MAQUINA FANTASTIC (GRAFANA 8.3 'vuln lfi' + PROMETHEUS 2.32 + ESCALATE PRIV 'group DISK = root + ID\_](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-fantastic-grafana-8.3-vuln-lfi-+-prometheus-2.32-+-escalate-priv-group-disk-root-+-id_.md) - [MAQUINA FUNYBOX (CSE BOOKSTORE 1.0 Vuln rce no autenticado PRIVESC pkexec 'sudo l' extra bypass login SMALL CRM ADMIN 3.0)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-funybox-cse-bookstore-1.0-vuln-rce-no-autenticado-privesc-pkexec-sudo-l-extra-bypass-login-s.md) - [MAQUINA INTERNAL (WINDOWS SERVER 2008 + CVE 2009 3103 + METERPRETER RCE)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-internal-windows-server-2008-+-cve-2009-3103-+-meterpreter-rce.md) - [MAQUINA HUB ( Enum web port 8082 + FUGUHUB + injeccion revershell en LUA)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-hub-enum-web-port-8082-+-fuguhub-+-injeccion-revershell-en-lua.md) - [MAQUINA KEVIN (VULN HP POWER MANAGER 'admin admin' Metasploit PrivEsc 'hp manager filename' Metasploit BufferOverflow 'MANUAL')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-kevin-vuln-hp-power-manager-admin-admin-metasploit-privesc-hp-manager-filename-metasploit-bu.md) - [MAQUINA LEVRAM (Exploit GERAPY 0.9.6 RCE searchsploit + PRIVESC 'CAPABILITES python3.10')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-levram-exploit-gerapy-0.9.6-rce-searchsploit-+-privesc-capabilites-python3.10.md) - [MAQUINA MEDJED (WEBDAV BarracudaDrive 6.5 + Revershell .php creado con msfvenom + PrivEsc local barracudadrive 6.5)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-medjed-webdav-barracudadrive-6.5-+-revershell-.php-creado-con-msfvenom-+-privesc-local-barra.md) - [MAQUINA NUKEM (WORDPRESS 5.5.1 ABUSED PLUGINS SIMPLE LIST 4.4.2 PIVOTING USER MYSQL PASSOWORD PIVOTING PUERTO Y TUNELIZACION SSH PRIVESC 'DOSBOX' CAMBIO DE PERMISOS SUDOERS CON REMMINA)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-nukem-wordpress-5.5.1-abused-plugins-simple-list-4.4.2-pivoting-user-mysql-passoword-pivotin.md) - [MAQUINA PASS (FlatPass 1.2 Vuln 'file upload bypass RCE' Privesc 'apt get')](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-pass-flatpass-1.2-vuln-file-upload-bypass-rce-privesc-apt-get.md) - [MAQUINA PELICAN (RCE ZooKeeper v1 Web UI + RCE + PrivEsc 'gcore pid + extract password 'strings' = root)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-pelican-rce-zookeeper-v1-web-ui-+-rce-+-privesc-gcore-pid-+-extract-password-strings-root.md) - [MAQUINA RAY PROJECT CVE 2023 6019 (COMMANDO INJECTION RAY PROJECT)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-ray-project-cve-2023-6019-commando-injection-ray-project.md) - [MAQUINA SHENZI (Enum SMB 'nullsesion' + Directory Web = Nombre del recurso compartido + WORDPRESS RC](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-shenzi-enum-smb-nullsesion-+-directory-web-nombre-del-recurso-compartido-+-wordpress-rc.md) - [MAQUINA BRATARINA (SMB null session + RCE 'OPENSMTPD 2.0.0') + (MODIFICACION passwd 'agregar password' + Subscribir archivo etc passwd)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-bratarina-smb-null-session-+-rce-opensmtpd-2.0.0-+-modificacion-passwd-agregar-password-+-su.md) - [MAQUINA SQUID (web proxy SQUID 4.14 + 'RCE UPLOAD script' PHPMYADMIN 5.0.2)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-squid-web-proxy-squid-4.14-+-rce-upload-script-phpmyadmin-5.0.2.md) - [MAQUINA PC (PortForwarding port 65432 - PrivEsc 0-day 2022 rpc.py)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-pc-portforwarding-port-65432-privesc-0-day-2022-rpc.py.md) - [MAQUINA FUNBOXEASY (Enum directory - RCE .php - Pivoting User - PrivEsc SUDO-L)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-funboxeasy-enum-directory-rce-.php-pivoting-user-privesc-sudo-l.md) - [MAQUINA SLORT (Enum de directorios Acceso a la maquina con LFI and RCI PrivEsc Auto Elevated Executable Hijacking)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-slort-enum-de-directorios-acceso-a-la-maquina-con-lfi-and-rci-privesc-auto-elevated-executab.md) - [MAQUINA PASSPORT (Enum Directorios ss2john id rsa PrivEsc Creacion de archivo con permisos SUID)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-passport-enum-directorios-ss2john-id-rsa-privesc-creacion-de-archivo-con-permisos-suid.md) - [MAQUINA PYLOADER (pyload 0.5.0 Rce No autenticado)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-pyloader-pyload-0.5.0-rce-no-autenticado.md) - [MAQUINA HUTCH (Netexec LDAP enum - PrivEsc Netexec DUMP Laps)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-hutch-netexec-ldap-enum-privesc-netexec-dump-laps.md) - [MAQUINA GAARA (Brute Force SSH PrivEsc 'gdb' gtfobins)](https://1gnotus.gitbook.io/ignotus_pwn/proving-ground-practice-and-play/writeup/maquina-gaara-brute-force-ssh-privesc-gdb-gtfobins.md) - [CheetSeet WPSCAN](https://1gnotus.gitbook.io/ignotus_pwn/cheet-seet/cheetseet-wpscan.md) - [Writeup](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup.md) - [MAQUINA WALKINGCMS](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-walkingcms.md) - [MAQUINA MYBB (Virtual Host - MYBB 1.8.35 RCE CVE-2023-41362 - PrivEsc Sudo rb)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-mybb-virtual-host-mybb-1.8.35-rce-cve-2023-41362-privesc-sudo-rb.md) - [MAQUINA PN (EXPLOIT UPLOAD .WAR TOMCAT - RCE 'MSFVENOM')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-pn-exploit-upload-.war-tomcat-rce-msfvenom.md) - [MAQUINA DANCE SAMBA (Enum4linux Smbclient ssh keygen id\_rsa PrivEsc file})](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-dance-samba-enum4linux-smbclient-ssh-keygen-id_rsa-privesc-file.md) - [MAQUINA PYSCHO (Fuzzing Parametros VULN WEB LFI con FUZZ Pivoting User PrivEsc {python3 paw.py})](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-pyscho-fuzzing-parametros-vuln-web-lfi-con-fuzz-pivoting-user-privesc-python3-paw.py.md) - [MAQUINA VENENO (Fuzzing parámetro LFI RCE log poisoning)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-veneno-fuzzing-parametro-lfi-rce-log-poisoning.md) - [MAQUINA NODECLIMB (FTP anonymous - zip2john - PrivEsc 'binario NODE')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-nodeclimb-ftp-anonymous-zip2john-privesc-binario-node.md) - [MAQUINA whereismywebshell (FUZZING de PARAMETROS con FUFF - RCE)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-whereismywebshell-fuzzing-de-parametros-con-fuff-rce.md) - [MAQUINA INCLUSION (Fuzz WEB - LFI - Brute Force User - PrivEsc PHP)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-inclusion-fuzz-web-lfi-brute-force-user-privesc-php.md) - [MAQUINA HACKERZONE (Fuzzing Web - Upload Revershell - Mov Lateral - PrivEsc sudo -l 'cat')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-hackerzone-fuzzing-web-upload-revershell-mov-lateral-privesc-sudo-l-cat.md) - [MAQUINA APOLO ( FUZZING WEB + SQLMAP url-cookie + cracking passwd user + Group shadow)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-apolo-fuzzing-web-+-sqlmap-url-cookie-+-cracking-passwd-user-+-group-shadow.md) - [MAQUINA ASUCAR ( WORDPRESS + BRUTEFORCE 'HYDRA' + PRIVESC 'PUTTYGEN')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-asucar-wordpress-+-bruteforce-hydra-+-privesc-puttygen.md) - [MAQUINA BASHPARIENCIAS (PIVOTING USER + PRIV ESC. 'suplantacion con TEE')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-bashpariencias-pivoting-user-+-priv-esc.-suplantacion-con-tee.md) - [MAQUINA BorazuwarahCTF](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-borazuwarahctf.md) - [MAQUINA CHMOD 4755 (BRUTE FORCE SAMBA - ESCAPAR DE RBASH - CURL PARA ESCALADA DE PRIV)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-chmod-4755-brute-force-samba-escapar-de-rbash-curl-para-escalada-de-priv.md) - [MAQUINA CHANGELOG (BRUTE FORCE USER + PRIV ESC 'NANO')](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-changelog-brute-force-user-+-priv-esc-nano.md) - [MAQUINA CHOCOLATEFIRE (Openfire CVE-2023-32315 + FORCE BRUTE SSH + PRIVESC SUBSHELL o PERM SUID bash](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-chocolatefire-openfire-cve-2023-32315-+-force-brute-ssh-+-privesc-subshell-o-perm-suid-bash.md) - [MAQUINA AGUA DE MAYO (DECODE BRAYNFUCK + BINARY BETTERCAP PRIVESC. + PRIVescalation LXD)](https://1gnotus.gitbook.io/ignotus_pwn/dockerlabs/writeup/maquina-agua-de-mayo-decode-braynfuck-+-binary-bettercap-privesc.-+-privescalation-lxd.md) - [Writeups](https://1gnotus.gitbook.io/ignotus_pwn/tryhackme/writeups.md) - [MAQUINA GOLD-EYES ( BRUTE FORCE pop3 - smtp mail - CMS MOODLE 2.2.3 ERROR ORTOGRAFICO - PRIVESC KERN](https://1gnotus.gitbook.io/ignotus_pwn/tryhackme/writeups/maquina-gold-eyes-brute-force-pop3-smtp-mail-cms-moodle-2.2.3-error-ortografico-privesc-kern.md) - [MAQUINA MD2PDF (WEB SSRF CVE-2023-35583 wkhtmlOpdf 0.12.6)](https://1gnotus.gitbook.io/ignotus_pwn/tryhackme/writeups/maquina-md2pdf-web-ssrf-cve-2023-35583-wkhtmlopdf-0.12.6.md) - [Writeups](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups.md) - [MAQUINA TORRIJAS(CMS WORDPRESS 6.7.2, WPSCAN PLUGINS 'WP DIRECTORY FREE 1.7.9 LocalFileInclusion PRIVESC bpftrace)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-torrijas-cms-wordpress-6.7.2-wpscan-plugins-wp-directory-free-1.7.9-localfileinclusion-prive.md) - [MAQUINA FACULTAD (Enum WPSCAN - wordpress UPLOAD RCE WP-FILE-MANAGER - PrivEsc SUDO -L RCE)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-facultad-enum-wpscan-wordpress-upload-rce-wp-file-manager-privesc-sudo-l-rce.md) - [MAQUINA FRUITS (FUZZING de parámetros LFI BRUTEFORCE password PRIVESC binario FIND)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-fruits-fuzzing-de-parametros-lfi-bruteforce-password-privesc-binario-find.md) - [MAQUINA TORTUGA (Brute Force Password - Mov Lateral - PrivEsc Capabilites Python3.11)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-tortuga-brute-force-password-mov-lateral-privesc-capabilites-python3.11.md) - [MAQUINA DRAGON (Brute Force Password - PrivEsc /usr/bin/vim)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-dragon-brute-force-password-privesc-usr-bin-vim.md) - [MAQUINA GRILLO (BruteForce SSH - PrivEsc /usr/bin/puttygen)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-grillo-bruteforce-ssh-privesc-usr-bin-puttygen.md) - [MAQUINA SHINED (WFuzz search parametros + ruta - Olevba xmls - Mov Lateral - PrivEsc backup.tar.gz)](https://1gnotus.gitbook.io/ignotus_pwn/thehacklabs/writeups/maquina-shined-wfuzz-search-parametros-+-ruta-olevba-xmls-mov-lateral-privesc-backup.tar.gz.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://1gnotus.gitbook.io/ignotus_pwn/whoami.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.