2026

HTB-Conversor

A Flask web application vulnerable to path traversal during file uploads. Exploited by uploading a Python reverse shell to a cron-executed directory → gained a www-data shell → extracted MD5 hashes from a SQLite database → cracked the password for user fismathack → leveraged CVE-2024-48990 in needrestart 3.7 for privilege escalation to root.

2025