Aydin Naserifard in InfoSec Write-ups
Download | LFI | ORM Injection | Teletypewriter (TTY) hijacking | PostgreSQL | NodeJS
Here’s a summary of the key points of Download HTB machine:
Dec 6, 2023

Aydin Naserifard in InfoSec Write-ups
$1800 Bounty: Exploiting Unpredictable Data that Leads to All Users PII Exposure in an IDOR…
Introduction
Nov 4, 2023

Aydin Naserifard in InfoSec Write-ups
Jupiter | HTB | Grafana | raw SQL Query | Shadow Simulator RCE | Sattrack
Jupiter is a medium-level challenge that kicks off with a Grafana dashboard. The journey begins with the quest to pinpoint a potential…
Oct 29, 2023

Aydin Naserifard in InfoSec Write-ups
Aero HTB | Windows 11 RCE & PrivESC | Themebleed | CLFS
Aero is a Windows machine of moderate difficulty, featuring two recently discovered vulnerabilities: CVE-2023-38146, a Windows 11 Themes…
Oct 8, 2023

Aydin Naserifard in InfoSec Write-ups
OnlyForYou HTB | LFR | RCE | Cypher Injection (Neo4j) graph database | pip3 download code execution
Here’s a summary of the key points of Only4you HTB machine:
Sep 5, 2023

Aydin Naserifard in InfoSec Write-ups
Mailroom HTB | Gitea | XSS | NoSqli | RCE | Exploit Development | Strace
Mailroom is a challenging Linux machine that hosts a custom web app and a Gitea code repository. The web app has vulnerabilities to…
Aug 20, 2023

Aydin Naserifard in InfoSec Write-ups
WormGPT: Is it Vulnerable?
A few days ago, news was published about a new tool called WormGPT which doesn’t have the limitations of the ChatGPT tool. That’s weird!
Jul 21, 2023

Aydin Naserifard in InfoSec Write-ups
Hack The Box Cyber Santa CTF 2021 — Common Mistake
From the Crypto Category of Cyber Santa Is Coming To Town CTF which was going on from 1st to 5th December 2021, there was a challenge…
Dec 8, 2021

Aydin Naserifard in InfoSec Write-ups
Guide Point Security CTF — Get Hexy (OCT 2021)
In the Misc Category of Guide Point CTF, which was held from 12 October to 18 October 2021, there was a challenge called “Get Hexy”. Let’s…
Nov 9, 2021

Aydin Naserifard in InfoSec Write-ups
Year Of The Jellyfish TryHackMe! Walk Through
I’m going to solve another room called “Yearofthejellyfish”. It’s available at TryHackMe with Hard difficulty level.
Jul 24, 2021