Crossfit @ HackTheBox
Solving Crossfit, a 50-point Linux machine on HackTheBox which involves a lot of cross-site scripting, a command-injection, and finally some light reversing.
20Mar
Related Posts
27Mar
Luanne @ HackTheBox
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more
08Feb
Ypuffy @ HackTheBox
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more
28Aug
FTP to Web Shell & SeImpersonate – AuthBy @ PG Practice
AuthBy is a medium difficulty Windows machine on PG Practice. It involves getting FTP access to the web root of... read more
06Jun
Nest @ HackTheBox
Nest is a 20-point Windows machine on HackTheBox that involves searching through smb shares and analyzing 2 short custom programs. read more
22May
Getting Access through the Helpdesk – Delivery @ HackTheBox
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
15Feb
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
02Apr
Control @ HackTheBox
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a webshell.... read more
04May
OneTwoSeven @ HackTheBox
Onetwoseven is a great machine on hackthebox, featuring symbolic links, port forwarding through sftp and some typical web application exploitation.... read more
21Aug
SQLi, ToC/ToU & Arbitrary File Write – Proper @ HackTheBox
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a custom... read more
08Jan
Real World CTF 2023 – NonHeavyFTP
This is a short writeup on the "NonHeavyFTP" challenge from Real World CTF 2023. This was one of the easier... read more