https://hexpysya.github.io/tags/t1190/Recent content in T1190 on bubka hacks stuffHugo -- gohugo.ioen-usSat, 31 Jan 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-packet-_puzzle/Sat, 31 Jan 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-packet-_puzzle/Analyzed network traffic showing exploitation of CVE-2024-4577 (PHP-CGI argument injection) against a Windows server running PHP 8.1.25. Attacker achieved RCE, established reverse shell on port 4545, then escalated privileges using GodPotato to spawn a SYSTEM-level shell on port 5555.