Posts on Nitel's Red Logs

Job — VulnLab Writeup

Mon, 23 Mar 2026 23:15:00 +0000

Job is a medium-difficulty Windows machine on VulnLab. The attack chain involves crafting a malicious LibreOffice macro sent via SMTP to gain an initial foothold, then escalating to SYSTEM by abusing SeImpersonatePrivilege with GodPotato.

Cicada — HackTheBox Writeup

Mon, 12 Jan 2026 12:33:00 +0000

An easy-rated HTB Active Directory machine. The attack chain involves SMB guest enumeration, RID brute-forcing, password spraying, LDAP dumping, and finally abusing SeBackupPrivilege to extract the Administrator hash.

Media - VulnLab Writeup

Sun, 11 Jan 2026 12:33:00 +0000

Exploiting a .wax file upload to steal NTLMv2 credentials, then escalating privileges via SeImpersonate using GodPotato on a Windows target.

UpDown - HackTheBox Writeup

Fri, 09 Jan 2026 23:42:00 +0000

UpDown is a medium Linux box where you chain an exposed .git repo, a custom header bypass, and a Phar wrapper LFI + file upload to get a shell. Root involves Python 2 input() injection on a SUID binary, then easy_install sudo abuse via GTFOBins.

Busqueda — HackTheBox Writeup

Thu, 08 Jan 2026 11:57:00 +0000

A walkthrough of HackTheBox Searcher — exploiting CVE-2023-43364 (Searchor 2.4.0 RCE) for initial access, then leveraging a path injection vulnerability in a privileged Python script to escalate to root.

Introduction

Mon, 08 Jun 2020 08:06:25 +0600

Hi, I’m Nitel 👋

Application Security & Penetration Testing Specialist based in Seoul, South Korea.

I write about offensive security, penetration testing, and the intersection of secure development — from breaking things in labs to building them the right way in production.

What I Do

I’m an offensive security professional with a background in full-stack development (React.js / Node.js). I hold the HTB Certified Penetration Testing Specialist (CPTS) and PJPT certifications, and I’m currently pursuing OSCP.