Default-Credentials

HTB STARTING POINT · Tier 1

Ignition

Virtual host discovery finds the Magento admin panel on a non-default hostname; qwerty123 completes the chain — two recon steps, one flag.…

April 28, 2026 · 5 min · crAIzy
Magento CVEDirectory Busting

HTB STARTING POINT · Tier 2

Pennyworth

Jenkins 2.289.1 with default root:password credentials. Script Console runs Groovy — one line of Groovy spawns a reverse shell as root. No escalation needed.…

April 28, 2026 · 3 min · crAIzy
Jenkins RCEGroovy RCE

HTB STARTING POINT · Tier 0

Preignition

Directory fuzzing surfaces a hidden admin.php that default credentials unlock; demonstrates why wordlist-based discovery precedes credential guessing.…

April 27, 2026 · 6 min · crAIzy
Directory Busting