Tag: vulnhub

PwnLab write-up: Init (Vulnhub): LFI with wrappers, file upload for RCE and escalation via SUID/PATH and injection in echo.

Quaoar write-up (VulnHub): a simple machine for getting started in pentesting. We exploit WordPress with default credentials and upload a webshell for RCE, then escalate to root with DirtyCow.