VL Shinra Part 1 – SQLi, Command Injection & Hash Cracking
This is the first video of a series about Shinra, a virtual company in a private red team lab. We will conduct a full pentest on Shinra and explore various topics along the way.
This is the first video of a series about Shinra, a virtual company in a private red team lab. We will conduct a full pentest on Shinra and explore various topics along the way.
Intercept is a chain of vulnerable machines on Vulnlab and involves stealing hashes with lnk files, a RBCD-Workstation takeover, exploiting... read more
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup &... read more
This is the second video of the Shinra series. Before setting foot onto any of the network's internal machines, we... read more
This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab. read more
On December 10th 2021 the Log4Shell vulnerability, a "0-day" exploit in log4j2 appeared on Twitter. In this post, we will... read more
I'm linking the playlists for both labs here to avoid single posts for every video. Check out https://vulnlab.com if you... read more
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more
This is part four of the Shinra series. We will get to access to a linux server via ssh, exploit... read more
This video is a short overview on what you can do with WinSSH and how to use it. It essentially... read more
This is the third video of the Shinra series. We will get a shell on Ashleighs machine & escalate privileges. read more