Linux – Page 7 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Hack The Box: Checker Machine Walkthrough – Hard Difficulty

Successfully exploited CVE-2023-1545 in Teampass to extract user credentials and leveraged CVE-2023-6199 in BookStack to obtain an OTP, gaining user-level access on the Checker machine. Privilege escalation was achieved by exploiting a sudo script interacting with shared memory, setting the SUID bit on /bin/bash to capture the root flag. A great example of combining application vulnerabilities with creative privilege escalation techniques!

#Cybersecurity #EthicalHacking #HackTheBox #PenetrationTesting #InfoSec #VulnerabilityResearch #PrivilegeEscalation #CTF #SecurityResearch

The post Hack The Box: Checker Machine Walkthrough – Hard Difficulty appeared first on Threatninja.net.

May 31, 2025

0 comment

Linux 6.15 Launches with Major Performance and Hardware Upgrades

The Linux 6.15 kernel, released on May 25, 2025, marks a pivotal moment in open-source development, introducing several groundbreaking features and technical advancements. Most notably, this release debuts the first Rust-written Direct Rendering Manage…

May 26, 2025

0 comment

Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity

A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.

May 23, 2025

0 comment

RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagatio…

May 20, 2025

0 comment

The Windows Subsystem for Linux goes open source

Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open source?” WSL allows developers to run unmodified Linux command-line tools, u…

May 20, 2025

0 comment

Containers are just processes: The illusion of namespace security

In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and faster security improvements, making OSS often more secure than proprietary co…

May 20, 2025

0 comment

Hack The Box: Heal Machine Walkthrough – Medium Difficulty

Writeup Summary: Heal (Hack The Box)

This box involved thorough enumeration that uncovered multiple subdomains, including a Ruby on Rails API. Initial access was gained by chaining a Local File Inclusion vulnerability with password cracking and exploiting a LimeSurvey plugin upload vulnerability. Privilege escalation was achieved by identifying and exploiting an exposed Consul service accessible through SSH port forwarding.

This challenge showcased key red teaming skills: web application exploitation, misconfiguration abuse, credential harvesting, and lateral movement.

#HackTheBox #CyberSecurity #RedTeam #PrivilegeEscalation #BugBounty #WebSecurity #Infosec #CTF #HTB #OffensiveSecurity #LinuxExploitation

The post Hack The Box: Heal Machine Walkthrough – Medium Difficulty appeared first on Threatninja.net.

May 17, 2025

0 comment

Nobara Linux 42 brings performance boost and better hardware support

The Nobara Project has released a new version of its Linux distribution, bringing updated packages, performance improvements, and a few visual tweaks aimed at making life easier for users who want a system that works well out of the box. Nobara Linux 4…

May 14, 2025

0 comment

Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!

IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core Update 194, packed with security enhancements, performance improvements, and new features to safeguard networks of all sizes. Renowned for its robust feature…

May 12, 2025

0 comment

Hack The Box: Underpass Machine Walkthrough – Easy Difficulty

Successfully completed the “Underpass” machine on Hack The Box! For the user flag, I enumerated SNMP to discover a Daloradius instance, logged in with default credentials, cracked an MD5-hashed password for the svcMosh account, and used SSH to access the user flag in its home directory. To capture the root flag, I escalated privileges by exploiting sudo permissions on mosh-server, obtaining a session key and port to establish a root session and retrieve the flag from /root/root.txt.

#Cybersecurity #HackTheBox #CaptureTheFlag #PenetrationTesting #LinuxSecurity #PrivilegeEscalation #SNMP #Daloradius #EthicalHacking #InformationSecurity

The post Hack The Box: Underpass Machine Walkthrough – Easy Difficulty appeared first on Threatninja.net.

May 10, 2025

0 comment

1 … 5 6 7 8 9 … 37