#exploitation articles

JJebitoksharonjebitok.comJun 4 · 37 min read

Metasploit: Scanning and Exploitation (TryHackMe)

Link to the Walkthrough/Challenge on TryHackMe: Metasploit: Scanning and Exploitation Introduction In the previous room, you learned how to navigate the Metasploit Framework: searching for modules, co

0

JJebitoksharonjebitok.comJun 3 · 20 min read

Cyber Kill Chain (TryHackMe)

Link to the Walkthrough on TryHackMe: Cyber Kill Chain Introduction Inspired by the military kill chains, the Cyber Kill Chain is a cyber security framework introduced by Lockheed Martin in 2011. It i

0

ASaviral srivastavaaviraxroot.hashnode.devMar 19 · 9 min read

CVE-2026-33017: How I Found an Unauthenticated RCE in Langflow by Reading the Code They Already Fixed

In early 2025, CISA added CVE-2025-3248 to their Known Exploited Vulnerabilities catalog. It was an unauthenticated remote code execution bug in Langflow, the popular open-source AI workflow builder w

0

JJebitoksharonjebitok.comFeb 16 · 5 min read

Django: CVE-2025-64459 (TryHackMe)

Introduction Django is a widely used Python web framework that exposes Object-Relational Mapping (ORM) layer to let developers query databases using familiar Python syntax. That convenience becomes a liability when user input is fed straight into ORM...

0

VNVũ Nhật Lâmblog.fiscybersec.comDec 30, 2025 · 5 min read

Phát hiện lỗ hổng RCE nghiêm trọng trong nền tảng tự động hóa n8n (CVE-2025-68613)

Mở đầu Một lỗ hổng bảo mật cực kỳ nghiêm trọng vừa được công bố trong nền tảng tự động hóa quy trình n8n, cho phép thực thi mã từ xa (Remote Code Execution – RCE) thông qua cơ chế xử lý biểu thức phía máy chủ. Lỗ hổng được định danh là CVE-2025-68613...

0

Ppwnmy-writeup-0day-in-zsh-rce.hashnode.devDec 21, 2025 · 6 min read

My Writeup (0day in Zsh (RCE))

I am Rana M.Sinan Adil aka (livepwn). I am 17 years old i was working on bug and also created a exploit.Hope you will enjoy :) How it worked: I have two laptop, lp1 and lp2. I run the exploit in lp1 just changed the ip and putted ip of my lp2. And i ...

0

Mmicrobytesecmicrobytesecurity.hashnode.devDec 17, 2025 · 7 min read

Hacking Exposed: Exploiting a Classic Buffer Overflow for HedgeHogs

Understanding binary exploitation is one of the most important foundations in penetration testing. Classic buffer overflow vulnerabilities shaped the history of computing, and although modern systems now use stronger defenses like DEP and ASLR, these...

0

JJebitoksharonjebitok.comNov 8, 2025 · 9 min read

Pwnkit: CVE-2021-4034 (TryHackMe)

CVE-2021-4034 — aka Pwnkit — is a high-severity local privilege escalation in the Polkit package that was present in Polkit releases dating back to 2009. Because Polkit is installed by default on most mainstream Linux distributions, this vulnerabilit...

0

JJebitoksharonjebitok.comNov 7, 2025 · 8 min read

Spring4Shell: CVE-2022-22965 (TryHackMe)

In late March 2022 the security community was alerted to remote code execution flaws affecting the Spring Framework. One of the issues—now commonly referred to as Spring4Shell (CVE-2022-22965)—impacts parts of Spring Core and, under a specific set of...

0

MMMD MUNIF MUBTASHIMmetasploit-introduction-tryhackme.hashnode.devAug 27, 2025 · 18 min read

Introduction to Metasploit

msfconsole -to launch Metasploit Exploit: A piece of code that uses a vulnerability present on the target system. Vulnerability: A design, coding, or logic flaw affecting the target system. The exploitation of a vulnerability can result in disclosin...

0

#exploitation

Search Hashnode