From RFC2428 to capture IPv6 address, to rsync hidden module, to SQLi through syslog. What a ride!
That is great writeup, thanks for sharing)
That was a really good summary of the box! One thing I’d like to add is that you could also log the INSERT INTO commands for debugging purposes via /var/log/postgres/main/log.1 (something like that, I don’t have my VM on right now).
Great job! I think it is worth mentioning which configuration mistake causes that you can download the content of /etc.