Description: This permissions scanner is a project I created back in April 2022 and has helped tremendously in CTFs and other situations that require me to locate all files and directories accessible by the currently logged in user. This script will be useable on both Windows and Linux. This project uses an octal pattern to search the Linux filesystem and a username pattern for Windows.
*This is not a Python educational blog post.
Description: A local privilege escalation vulnerability was found on polkit’s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn’t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it’ll induce pkexec to execute arbitrary code.
Description: Today I will be showing you how to install Google Chrome on Kali Linux by writing a bash script from scratch.
GitHub Link (Remember to follow me if you liked this code!): https://github.com/battleoverflow/chrome-install
Setting up environment First, create a file called chrome-install.sh, and then open the file in your preferred IDE or editor.
After this file is created, we can begin writing the code.
The first few lines we will want to add:
Description: Universal CTF is a project I started to help improve CTF experiences for beginners and speed up gathering results for veterans. Thanks to Universal CTF, you will no longer have to type out long commands over and over again, now you have a beautiful terminal based program to handle it all for you!
You can view the project this blog post is based on here: https://github.com/battleoverflow/universal-ctf
Welcome to a short blog post about a new program I wrote in Python to help those getting into CTFs in a more beginner-friendly way.
Description: You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker!
Disclaimer: This writeup is for a room located on TryHackMe. If you would like to attempt the room, please visit it here.
Task 1 Deploy the machine by clicking the Deploy button.
Task 2 After the machine has finished booting up, run the following command to reveal the open ports on the network (If using personal Linux machine, remember to use OpenVPN):
Description: This room is based on the original Pokemon series. Can you obtain all the Pokemon in this room?
If you came across this from somewhere other then TryHackme, view my room here: https://tryhackme.com/room/pokemon
Question 1 Run Nmap to search open ports
nmap -sC -sV -Pn <Machine_IP> (The server DOES ping, I just prefer -Pn for silence)
After running a Nmap scan, we’ll see that there is an ssh & HTTP port open.
