PHP Unserialize & Race Condition – Tenet @ HackTheBox
We are solving Tenet, a 30-point machine HackTheBox that involves a simple PHP deserialization vulnerability, password reuse and a race condition.
12Jun
Related Posts
28Dec
InfernoCTF Weakened Keys
"Weakened Keys" was an interesting crypto challenge on InfernoCTF. read more
04Sep
Command Injection, Prototype Pollution & Kubernetes – Unobtainium @ HackTheBox
This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy... read more
23Mar
Frolic @ HackTheBox
Frolic is a medium difficulty machine on hackthebox.eu, featuring a lot of CTF-ish language conversions, the usage of a public... read more
16May
Patents @ HackTheBox
Patents is a 40-point Linux machine on HackTheBox. For user we exploit an external entity injection in a word document... read more
30Mar
Curling @ HackTheBox
Curling is one of the easier boxes on hackthebox.eu, featuring getting a shell on joomla via template editing, getting a... read more
13Apr
RedCross @ HackTheBox
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more
17Sep
SQLi, LFI to RCE and Unintended Privesc via XAMLX & Impersonation – StreamIO @ HackTheBox
Video & additional notes for StreamIO, a medium difficulty Windows machine on HackTheBox that involves manual MSSQL Injection, going from... read more
03Nov
Ekoparty 2022 BFS Windows Challenge
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022. read more
27Aug
Resource-Based Constrained Delegation – Resourced @ PG-Practice
Video & additional notes for Resourced, an intermediate difficulty Windows machine on PG-Practice that involves password spraying and an RBCD... read more
18May
Ellingson @ HackTheBox
Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a... read more