Antique Write-Up Antique is a retired machine highlighting a known vulnerability with HP JetDirect and SNMP. Initial Foothold The description gives us a crucial service to work with and some hints on potential weaknesses. First, let’s do a quick nmap scan. My favorite is: sudo nmap <IP> …

PC (Linux) WriteUp PC is a retired machine focusing on gRPC, SQL injection, and privilege escalation via an RCE vulnerability. We can refer to CVE-2023-0297 for escalation. Initial Foothold We can enumerate open ports using nmap: sudo nmap <IP> -sS -Pn -n --disable-arp -p- I’m using a …

Crafty (Easy) Box Overall a very fun box. Crafty is a retired box that explores a Log4j vulnerability present in a 1.16.16 Minecraft Server. Initial Foothold Reading the description, the box has a pre-auth Log4j vulnerability. But before going into that, we should scan the ports. sudo nmap …