DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
We are solving UT99, an intermediate windows box on PG Practice. On this box, we are going to exploit... read more
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure... read more
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm... read more
Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing. read more
We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active... read more
My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us... read more
Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs... read more
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking... read more
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a... read more
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a... read more