Hacking Time @ HackTheBox
Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell script that is periodically run by root.
03Apr
Related Posts
08Feb
Ypuffy @ HackTheBox
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more
04Sep
Command Injection, Prototype Pollution & Kubernetes – Unobtainium @ HackTheBox
This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy... read more
19Jan
Lab – Baby Walkthrough
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup &... read more
05Dec
Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more
09May
Obscurity @ HackTheBox
Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a... read more
06Jun
Nest @ HackTheBox
Nest is a 20-point Windows machine on HackTheBox that involves searching through smb shares and analyzing 2 short custom programs. read more
29Jan
ASP, Windows Containers, Responder & NoPAC – Anubis @ HackTheBox
We are solving Anubis, a 50-point windows machine on HackTheBox which involves an ASP template injection, windows containers, and stealing... read more
21Mar
Forest @ HackTheBox
Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs to... read more
22Feb
Zetta @ HackTheBox
Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to... read more
23May
Rope @ HackTheBox
Rope is a 50-point machine on HackTheBox that involves 3 binary exploits. There is a format string vulnerability in the... read more