Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
17Apr
Related Posts
18Jan
Player @ HackTheBox
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
04Jul
ForwardSlash @ HackTheBox
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more
02May
OpenAdmin @ HackTheBox
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo... read more
04May
OneTwoSeven @ HackTheBox
Onetwoseven is a great machine on hackthebox, featuring symbolic links, port forwarding through sftp and some typical web application exploitation.... read more
26Jun
WordPress & Initctl on ChromeOS – Spectra @ HackTheBox
My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us to... read more
30Jul
Sauna @ HackTheBox
Sauna is a 20-point Windows Machine on HackTheBox. For user, we bruteforce usernames and then use ASREP-Roasting to obtain the... read more
12Jun
PHP Unserialize & Race Condition – Tenet @ HackTheBox
We are solving Tenet, a 30-point machine HackTheBox that involves a simple PHP deserialization vulnerability, password reuse and a race... read more
28Mar
Helpline @ HackThebox
Helpline is a really fun box on hackthebox.eu, which I was lucky enough to get system first blood on :)... read more
05Dec
Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more
30May
Resolute @ HackTheBox
Resolute is a 30-point Windows machine on HackTheBox that involves enumerating LDAP, Password Spraying, and using the DNSAdmins group to... read more