Hacking Time @ HackTheBox
Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell script that is periodically run by root.
Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell script that is periodically run by root.
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the... read more
Solving Academy on HackTheBox, a 20-point Linux machine on HackTheBox that involves a Laravel deserialization RCE, stored credentials & sudo... read more
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a webshell.... read more
Bastion is an easy 20 points machine on hackthebox. It is about mounting a .vhd file over the network, retrieving... read more
There is no excerpt because this is a protected post. read more
LaCasaDePapel is a rather easy machine on hackthebox.eu, featuring the use of php reflection, creating and signing of client certificates... read more
Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more
Helpline is a really fun box on hackthebox.eu, which I was lucky enough to get system first blood on :)... read more
We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection. read more