privilege-escalation 
Boardlight writeup
Boardlight is a Linux box featuring a Dolibarr CMS instance vulnerable to CVE‑2023‑30253, leading to remote code execution. We will exploit this vulnerability, reuse extracted credentials to gain user access, and escalate privileges via an outdated binary vulnerable to CVE‑2022‑37706.
…Editorial writeup
Editorial is a Linux box that involves SSRF exploitation, internal port enumeration, git credential extraction, and privilege escalation via a GitPython vulnerability (CVE‑2023‑41040). We will discover an SSRF vulnerability in a book cover upload feature, use it to scan internal ports, retrieve API credentials, access a git repository to find production user credentials, and exploit a vulnerable sudo‑allowed Python script to gain root access.
…Dog writeup
Dog is a Linux box featuring a Backdrop CMS web application. We will exploit source‑code disclosure via a publicly accessible .git directory, reuse MySQL credentials to gain user access, and escalate privileges through a custom bee binary that allows arbitrary command execution via its eval functionality.