SUID - Gareth Oates

Gareth Oates

Sign in Subscribe

SUID

A collection of 2 posts

HackTheBox | Previse

hackthebox Featured

HackTheBox | Previse

I decided to start trying some of the boxes on HackTheBox for a change, instead of TryHackMe. In the past I've found these to be a bit more difficult generally than THM, so I opted to start with an easy one.

TryHackMe | Mustacchio

tryhackme Featured

TryHackMe | Mustacchio

I decided to try another TryHackMe capture the flag room. This time it was Mustacchio. This room involved one of the OWASP Top 10 vulnerabilities called A4:2017-XML External Entities (XXE). This vulnerability, when exploited, can be used to expose internal files, that the user should not be allowed to