Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
Book is a 30-point Linux machine on HackTheBox. We log into a web application by exploiting SQL truncation and then... read more
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more
Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more
AI is a 30 point machine on hackthebox that involves SQL injection via speech and abusing an exposed java debugging... read more
There is no excerpt because this is a protected post. read more
This post is a walkthrough of Zipper, an interesting machine on hackthebox.eu featuring the zabbix network monitoring application. It involves... read more
We will solve Attended, a 50-point machine on HackTheBox. For user, we will be sending some emails back and forth... read more
Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a... read more
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a webshell.... read more
We are solving UT99, an intermediate windows box on PG Practice. On this box, we are going to exploit an... read more