Armageddon ๐ May 20, 2022 ยท โ 6 min read ยท โ๏ธ T4r0 Drupal, Drupalgeddon, Restricted shell, Dumping database, Password cracking, Snap, Dirty sock
Ophiuchi ๐ May 15, 2022 ยท โ 10 min read ยท โ๏ธ T4r0 Yaml deserialization, Java shell, Tomcat password, sudo -l, Go
Spectra ๐ May 10, 2022 ยท โ 4 min read ยท โ๏ธ T4r0 Chrome OS, Wordpress, sudo -l, Directory listing
Delivery ๐ Jun 11, 2021 ยท โ 4 min read ยท โ๏ธ T4r0 Helpdesk, Mattermost, Ticketing trick, Internal chat, SQL enumeration, Hashcat rules, Hash cracking
ScriptKiddie ๐ Jun 11, 2021 ยท โ 5 min read ยท โ๏ธ T4r0 CVE-2020-7384, msfvenom command injection, script command injection
Laboratory ๐ Apr 17, 2021 ยท โ 9 min read ยท โ๏ธ T4r0 Gitlab, Arbitary file read, RCE, SUID, PATH exploitation
Luanne ๐ Mar 27, 2021 ยท โ 7 min read ยท โ๏ธ T4r0 Lua, API, Command injection, Password cracking, File decrypt
Passage ๐ Mar 3, 2021 ยท โ 6 min read ยท โ๏ธ T4r0 Cute news, CVE, File system enumeration, Insecure ssh, USBcreator
The great escape ๐ Feb 22, 2021 ยท โ 12 min read ยท โ๏ธ T4r0 Well known web files, SSRF, Exploiting internal api, git history, port knocking, exposed docker daemon, escaping docker by mounting host volume
Cmess ๐ Dec 5, 2020 ยท โ 7 min read ยท โ๏ธ T4r0 Subdomain enumeration, Gila CMS, Wildcard injection