THM: OhMyWebserver

THM: OhMyWebserver is a medium-difficulty Linux box that presents a fun set of challenges. We’ll exploit multiple CVEs to get remote code execution. There are multiple layers of privilege escalation, as the initial target is a Docker container. Let’s get started!

THM: Gallery

THM: Gallery is a fun boot-to-root challenge that involves a variety of techniques to get the initial foothold. We’ll start by enumerating an Apache server that’s running a highly flawed image gallery CMS. It is vulnerable to SQL injection, which we’ll exploit to bypass authentication. Once logged in, we’ll find out there is no filtering or validation on file uploads, and we’ll be able to upload arbitrary PHP code and use that to send ourselves a reverse shell. Finally, we’ll do some basic enumeration on the box to capture the flags.

THM: LazyAdmin

LazyAdmin is an easy and fun Linux box running a PHP-based CMS. We’ll start with some enumeration to find our way around, and that will eventually lead to credentials for the CMS being leaked through a database backup. Once we have admin access, we’ll be able to upload and execute arbitrary PHP code, which we’ll exploit to get a shell. There’s not much required to grab the user flag from there, and we can abuse a combination of sudo privileges with wide-open file permissions to escalate to a root shell. Let’s get started!

Creating Your First VPC: A Step-by-Step Guide

One of the most useful (and in my opinion, coolest!) features of the AWS cloud is the ability to create your own Virtual Private Cloud (VPC). What is a VPC? It’s a private virtual network that allows you to design and launch scalable, secure networks in a matter of minutes. VPCs are logically isolated from other networks in the AWS cloud, meaning that, by default, traffic cannot flow in or out of them.

Intro to Vagrant

If you’ve ever started building a project that is running great locally, only to have it fail to build on a teammate’s machine or when deployed to any other environment despite your meticulous, step-by-step setup instructions, you may want to consider using a tool like Vagrant. Vagrant enables you to build a consistent virtual environment for developing and running software from any machine. It’s easy to make your local development environment mirror your production server while also making it portable. This can save lots of time when someone new joins the project, as the setup is all but done for them already.