enumerating ZoneMinder version via cache timestamp, exploiting CVE-2024-51482 blind SQLi to dump credentials, then pivoting to sa_mark via motionEye CVE-2025-60787 RCE
making computers sing
enumerating ZoneMinder version via cache timestamp, exploiting CVE-2024-51482 blind SQLi to dump credentials, then pivoting to sa_mark via motionEye CVE-2025-60787 RCE
exploiting CVE-2026-23744 unauthenticated RCE in MCPJAM, pivoting through container bind mounts to leak PrivateBin config, then using Arcane to spin up a root container
exploiting a Pterodactyl game panel via path traversal, PAM environment poisoning, and a udisks2 XFS resize bug to get root