Niklas Heringer
Niklas Heringer
Cybersecurity & Math.
⌘K
Subscribe Sign in
Niklas Heringer

htb

Breaking in before the VPN broke down - A Journey through Precious (HTB Writeup)
htb

Breaking in before the VPN broke down - A Journey through Precious (HTB Writeup)

A full walkthrough of the Hack The Box machine "Precious"; from enumeration to exploitation, including a clever pdfkit command injection and Ruby YAML deserialization for root. With shell stabilisation and some VPN drama on the side.
HTB Reset: From Log Poisoning to Root. Exploiting Tmux, Rexec and Misconfigured Sudo
htb

HTB Reset: From Log Poisoning to Root. Exploiting Tmux, Rexec and Misconfigured Sudo

A deep-dive into escalating from LFI to full root via log poisoning, named pipe reverse shell, misconfigured sudo permissions, and forgotten tmux sessions. Includes analysis of R-services (rexec, rlogin, rsh) and real-world command chaining.
The Final Part: Active Directory Journay Day Five: Building, Securing, and Managing a Domain
ad-challenge

The Final Part: Active Directory Journay Day Five: Building, Securing, and Managing a Domain

Day Five covers key AD admin tasks - user and group creation, GPO management, and domain joins; using PowerShell with a security-focused approach.
Popping Devvortex - Joomla Tricks, Template Shells & Summer Brain Fog
htb

Popping Devvortex - Joomla Tricks, Template Shells & Summer Brain Fog

An easy HTB box with enough Joomla, virtual hosts, and reverse shell magic to get you sweating (literally). This walkthrough dives into the quirks of Joomla, web fuzzing, API poking, and template-based RCE. Bring water.
From LFI to RCE: Exploiting File Inclusion Like a Pro
remote-code-execution

From LFI to RCE: Exploiting File Inclusion Like a Pro

A hands-on deep dive into exploiting file inclusion vulnerabilities; from simple LFI to full RCE using session poisoning, log injection, and PHP wrappers.
Introduction to File Inclusion
local-file-inclusion

Introduction to File Inclusion

An in-depth and hands-on walkthrough on spotting and exploiting Local File Inclusion (LFI); from classic payloads to modern bypasses, straight from HTB Academy labs.
How to Proceed after the User Flag: My Beginner’s Priv Esc Flow
privilege-escalation

How to Proceed after the User Flag: My Beginner’s Priv Esc Flow

Getting user.txt is just the beginning. Here’s how I hunt for privilege escalation paths on Linux boxes; what I check, how I think, and why it still stumps me sometimes.
My UnderPass Runthrough - Learnings
htb

My UnderPass Runthrough - Learnings

Cracked the UnderPass HTB box by skipping dead ends, abusing SNMP leaks, and turning mosh-server into a root shell with zero password; here is how.