Skip to main content

Documentation Index

Fetch the complete documentation index at: https://rootea.es/llms.txt

Use this file to discover all available pages before exploring further.

RE

··
Operating systemWindows
DifficultyHard
IP10.10.10.144
Retirement date
SkillsCreating a malicious office document (libreoffice) - Playing with Macros Macros Obfuscation - Bypassing YARA Rules ConPtyShell - Enhancing our console mobility Abusing defined task in the system Malicious Ace files for WinRAR < 5.70 beta 1 - WinRAR Exploitation (Evil-WinRAR-Gen) IIS ASPX WebShell through WinRAR Exploitation GHIDRA Exploitation - XXE Vulnerability (XML External Entity Injection) [Project Handling] Intercepting NetNTLM-v2 hash through the XXE Cracking Hashes Abusing WinRM - Evil-WinRM Playing with Invoke-Command to execute commands as a user whose credentials we know PowerUp System Recognition Abuse UsoSvc - Creating a new user [Privilege Escalation] Manipulating system logs to grant privileges to the newly created user (Psexec)

Writeups

LanguageAuthorFormatLink
🇪🇸 ESS4vitarVídeoOpen
🇬🇧 EN0xdfTextoOpen
🇬🇧 ENIppSecVídeoOpen

Skill resources

Curated documentation for each technique listed in the Skills column above. Sources: HackTricks, GTFOBins, PortSwigger, etc.
SkillSourceLink
XML External EntityHackTricksOpen
IIS (Microsoft Web Server)HackTricksOpen
Remote Code Execution (RCE)HackTricksOpen