DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
24Apr
Related Posts
09Sep
SEH Based Buffer Overflow & DLL Hijacking – UT99 @ PG Practice
We are solving UT99, an intermediate windows box on PG Practice. On this box, we are going to exploit... read more
15May
Ghoul @ HackTheBox
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure... read more
28Mar
Sniper @ HackTheBox
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm... read more
28Apr
Unattended @ HackTheBox
Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing. read more
06Nov
Active Directory, Reverse Engineering & Unintended Solutions – Pivotapi @ HackTheBox
We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active... read more
26Jun
WordPress & Initctl on ChromeOS – Spectra @ HackTheBox
My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us... read more
21Mar
Forest @ HackTheBox
Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs... read more
14Mar
Postman @ HackTheBox
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking... read more
21Aug
SQLi, ToC/ToU & Arbitrary File Write – Proper @ HackTheBox
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a... read more
02Apr
Control @ HackTheBox
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a... read more