I was recently learning about web browser forensics and became interested in understanding the different ways that browsers locally store a user’s credentials. I’ve also recently come across a few HackTheBox machines requiring decryption of passwords from browsers for privilege escalation. This presented me with the idea for a relatively...
[Read More]
Hack The Box - Arkham
Arkham was definitely more difficult than its rating would have you believe! In particular, the java deserialisation exploit required a fair bit of research and testing. The combination of UAC bypass / DLL hijack was a nice touch for the privesc. I refer to this post every now-and-then when I...
[Read More]