htb
HTB Reset: From Log Poisoning to Root. Exploiting Tmux, Rexec and Misconfigured Sudo
A deep-dive into escalating from LFI to full root via log poisoning, named pipe reverse shell, misconfigured sudo permissions, and forgotten tmux sessions. Includes analysis of R-services (rexec, rlogin, rsh) and real-world command chaining.
remote-code-execution
From LFI to RCE: Exploiting File Inclusion Like a Pro
A hands-on deep dive into exploiting file inclusion vulnerabilities; from simple LFI to full RCE using session poisoning, log injection, and PHP wrappers.
local-file-inclusion
Introduction to File Inclusion
An in-depth and hands-on walkthrough on spotting and exploiting Local File Inclusion (LFI); from classic payloads to modern bypasses, straight from HTB Academy labs.
