OffSec Live | Rookie Mistake

Welcome to our OffSec Live walkthrough of Rookie Mistake, a PG Practice machine: https://portal.offsec.com/labs/practice.

Our student mentor demonstrated how to find open ports, identify services, and use vulnerabilities like SSTI (Server-Side Template Injection) to gain a shell on the target machine.

After obtaining initial access as a user, our student mentor showed how to escalate privileges to root by exploiting a vulnerable PID status monitor running on the target machine.

Join OffSec Live on Fridays:   / offsecofficial  
We do demonstrations and walkthroughs of course topics and Proving Grounds machines. Additionally, sessions offer career guidance, including how to build a resume, how to break into #cybersecurity, and interview tips.