Just finished a Proving Grounds box. Here was my comment: "Holy Cow! This sucker took years off my life. I spent over 15 hours on it and still had to wave the white flag and take the write-up-to-root attack vector. I did learn a lot. But was Satan's idea of intermediate." Took a look at the community rating "Very Hard." Welp, I agree. #oscp #provingGrounds #infosec

Ran over 7 miles today on a stretch of trail with no people on it. No smile and nod action. (Introvert's dream.) Then rooted a Proving Grounds Windows machine with zero referencing of Discord, forum, write-ups. I was actually able to find the annoyingly stupid default password this time. And managed to navigate a proxy on the sucker...through a bit of a fluke. I'm now up to 45 lab machines, 2 pg machines, and 58 htb machines. #oscp #provingGrounds #infosec #running

Nuevo post en el blog. En este caso resolvemos el CTF SLORT de la plataforma de Offensive Security, #provinggrounds. Es una máquina #Windows donde a partir de una vulnerabilidad de RFI accederemos al sistema. Para la elevación de privilegios, durante la enumeración encontraremos un directorio #Backup que contiene un archivo TFTP.EXE que tendremos permisos para sobrescribir y convertirlo en malicioso. Tras esto, solo quedará esperar a que se ejecute para recibir acceso con un usuario con máximos privilegios.

https://lnkd.in/d2iGFyii

Nuevo por en el blog. En este caso resolvemos el CTF Helpdesk de la plataforma de Offensive Security, #ProvingGrounds. Helpdesk es una máquina #Windows de dificultad fácil donde explotaremos los CVEs, CVE-2009-3103 (MS09-050) y CVE-2014-5301. El primero está relacionado con una vulnerabilidad de SMBv2 que nos permite toma acceso en el objetivo con máximos privilegios. El segundo está relacionado con el gestor de dispositivos ManageEngine y que también nos permite tomar el control de la máquina con máximos privilegios.

https://lnkd.in/d-smjpe5

Proving Grounds: ecco i playoff - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #1agosto https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm92aW5nLWdyb3VuZHMtZWNjby1pLXBsYXlvZmYv

ProGro, finalmente Webidoo - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #8luglio https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm9ncm8tZmluYWxtZW50ZS13ZWJpZG9vLw==

Sorpresa: i Dsyre cadono in ProGro - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #3luglio https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9zb3JwcmVzYS1pLWRzeXJlLWNhZG9uby1pbi1wcm9ncm8v

Sorpresa: i Dsyre cadono in ProGro - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #1luglio https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9zb3JwcmVzYS1pLWRzeXJlLWNhZG9uby1pbi1wcm9ncm8v

Proving Grounds: la vetta è solo Dsyre - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #26giugno https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm92aW5nLWdyb3VuZHMtbGEtdmV0dGEtZS1zb2xvLWRzeXJlLw==

Proving Grounds: la vetta è solo Dsyre - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #24giugno https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm92aW5nLWdyb3VuZHMtbGEtdmV0dGEtZS1zb2xvLWRzeXJlLw==

Proving Grounds, Dren Esports e Dsyre in testa - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #19giugno https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm92aW5nLWdyb3VuZHMtZHJlbi1lc3BvcnRzLWUtZHN5cmUtaW4tdGVzdGEv

Proving Grounds, Dren Esports e Dsyre in testa - EsportsMag #VpgItaliaProClub #LeagueofLegends #PGNationals #provinggrounds #17giugno https://parliamodi.news/article/aHR0cHM6Ly93d3cuZXNwb3J0c21hZy5pdC9wcm92aW5nLWdyb3VuZHMtZHJlbi1lc3BvcnRzLWUtZHN5cmUtaW4tdGVzdGEv