All Posts

The Evasion machine is vulnerable to LFI with filter bypass, session poisoning for RCE, crontab, and privilege escalation via sudo.

IAM Machine has the CVE-2021-40438 vulnerability, which allows SSRF in Apache, resulting in temporary AWS credentials and privilege escalation to root.

The application contains vulnerabilities including XXE, RFI, reverse shell, privilege escalation, RCE, cracked password, and unauthorized access to sensitive files.

The application is vulnerable to JWT token forgery, remote code execution (RCE), and privilege escalation via slo-generator.

Application has exposed credentials vulnerability, Function Injection leading to RCE, improper use of eval() in Python, and privilege escalation via verify.py script.