Related Posts
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
Registry @ HackTheBox
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and... read more
Hackback @ HackTheBox
This post is about hackback, a really interesting and challenging machine that was released on 23.02.19 on hackthebox.eu. Techniques used... read more
Protected: Rastalabs Prolab @ HackTheBox
There is no excerpt because this is a protected post. read more
Ypuffy @ HackTheBox
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more
DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell... read more
Bankrobber @ HackTheBox
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
Smasher 2 @ HackTheBox
Smasher2 is a difficult 50 points machine on hackthebox, involving some guessing to get the user flag (because the author... read more
LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more