Introduction Team Qualys discovered a local privilege escalation vulnerability in PolicyKit’s (polkit) setuid tool pkexec which allows low-level users to run commands as privileged users.
Introduction Often while configuring Active Directories, system admins don’t recognize the harm that comes with allowing a local administrator account on a system assigned to
Introduction Anubis is an “insane” level CTF box available on the HackTheBox platform designed by 4ndr34z. The box covers a real-life scenario of initial exploitation
Introduction According to Red Hat, “Polkit stands for PolicyKit which is a framework that provides an authorization API used by privileged programs.” Pkexec is a
Introduction Security analysts who have some knowledge about Active Directory and pentesting would know the concept of tickets. Kerberos, the default authentication mechanism in an
Introduction Forge is a CTF Linux box rated “medium” on the difficulty scale on the HackTheBox platform. The box covers subdomain enumeration, SSRF attacks and
Introduction Gabriel Landau released a post on Elastic Security here which talks about a technique through which antivirus evasion was found to be possible. The
Proxy Programmer’s Corrosion: 2 is a Vulnhub medium machine. We can download the lab from here. This lab is designed for experienced CTF players who
Introduction Intelligence is a CTF Windows box with difficulty rated as “medium” on the HackTheBox platform. The machine covers OSINT, AD attacks, and silver ticket