Welcome to our OffSec Live session on Nibbles, a PG Practice machine: portal.offsec.....
Join OffSec Live on Fridays: / offsecofficial .
We do demonstrations and walkthroughs of course topics and Proving Grounds machines. Additionally, sessions offer career guidance, including how to build a resume, how to break into #cybersecurity, and interview tips.
In this walkthrough, we covered:
🔍 Exploiting initial access via the vsftpd service.
🛠️ Using PostgreSQL vulnerabilities for privilege escalation.
🐍 Upgrading a shell connection with Python for better control.
🗂️ Identifying and analyzing vulnerable set SUID binaries.
🛡️ Managing database privileges and leveraging them for exploitation.
Key takeaways:
⚖️ Importance of security principles like least privilege and separation.
💡 Practical techniques for stabilizing shell access and maintaining control.
🌐 Real-world application of exploitation methods in cybersecurity practice.