Footage from Tehran shows burned vehicles, wrecked buildings, towering plumes of smoke, and a massive crater.
Hack The Box: Guardian Machine Walkthrough – Hard Difficulty
🔐 User Flag — Compromising the Application Layer
Successfully rooted the Guardian (Hard) machine on Hack The Box by chaining multiple real-world web vulnerabilities.Initial access was achieved through credential abuse and IDOR within the student portal. Leaked chat credentials exposed internal Gitea repositories containing hardcoded database secrets. A vulnerable XLSX file upload feature allowed formula injection → XSS → session hijacking. Leveraging CSRF, I created a rogue admin account and escalated privileges within the application. From there, an LFI vulnerability combined with a PHP filter chain led to Remote Code Execution. After gaining a shell as www-data, I reused leaked credentials to pivot laterally to user jamil, capturing the user flag.
👑 Root Flag — From Code Injection to Full System Compromise
Privilege escalation started with sudo -l, revealing that jamil could execute a Python utility as user mark without a password. Since one of the Python files was writable, I injected code to spawn a shell as mark. Further enumeration uncovered a custom binary (safeapache2ctl) executable as root. A flawed validation mechanism in its Apache config parsing allowed path traversal and arbitrary file inclusion. By crafting a malicious shared object (evil.so) and abusing the wrapper’s improper include validation, I achieved root-level code execution and obtained a root shell.
The post Hack The Box: Guardian Machine Walkthrough – Hard Difficulty appeared first on Threatninja.net.
US Calls Iran Strike “Operation Epic Fury”, After 2025’s “Midnight Hammer”
The United States carried out a major military strike on Iran, pledging to cripple the country’s armed forces, dismantle its nuclear programme and push for a change in leadership, US President Donald Trump said.
Oil Tankers Avoiding Vital Hormuz Strait After US Bombs Iran
submitted by /u/joe4942 [link] [comments]
Moment Iranian strike hits US military base in Bahrain
Black smoke rose over Manama after Iran’s Revolutionary Guard said it struck the US 5th Fleet in Bahrain in retaliation for joint US-Israel attacks. A centre at the headquarters of the US Fifth Fleet was hit by a ‘missile attack’, the country’s authori…
US and Israel attack Iran as Trump says US begins ‘major combat operations’
US President Donald Trump said on Saturday that Washington had begun “major combat operations” in Iran after Israel and the United States launched a joint attack on the Islamic Republic Saturday. In retaliation, Iran attacked Israel as well as several…
Dubai shuts airport & flights halted in Middle East leaving thousands stranded as Iran blitz sparks chaos for tourists
TOURISTS have been thrown into turmoil after a wave of flight cancellations between Western Europe and the Middle East following US and Israeli strikes on Iran. The “major combat operation” announced by Donald Trump on Saturday morning triggered immedi…
‘Obama will attack, will use Iran card’: Trump’s old tweet resurfaces after US-Israeli strikes
Explosions rocked Tehran after US-Israeli strikes, reviving Donald Trump’s 2013 tweet predicting Obama would attack Iran. Now, with “Operation Epic Fury” targeting Iran and Tehran retaliating, Trump’s past accusations of using Iran for political gain e…
Xiaomi launches flagship smartphone as memory price surge threatens sales
The Xiaomi 17 starts at 999 euros ($1,179) while the Xiaomi 17 Ultra starts at 1,499 euros, with the device priced the same as its predecessor.
Iran’s evil Ayatollah is DEAD, Trump says after US president vowed to obliterate terror regime with ‘Epic Fury’ blitz
EVIL Ali Khamenei has been killed in a massive blitz on Iran, Donald Trump tonight confirmed. The Ayatollah, 86, suffered an inglorious death as he was wiped out despite fleeing Tehran after the US president vowed to obliterate the rogue nation’s …