PHP Unserialize & Race Condition – Tenet @ HackTheBox
We are solving Tenet, a 30-point machine HackTheBox that involves a simple PHP deserialization vulnerability, password reuse and a race condition.
12Jun
Related Posts
15Feb
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
27Jun
Player2 @ HackTheBox
Player2 is a 50-point Linux machine on HackTheBox. For user we do some web fuzzing, call a twirp method to... read more
04Apr
Registry @ HackTheBox
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and... read more
10Apr
APT @ HackTheBox
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the... read more
16Mar
Carrier @ HackTheBox
Carrier is a nice, medium difficulty machine on hackthebox.eu featuring information retrieval via snmp, command injection and bgp hijacking. The... read more
01May
.NET Remoting & WCF – Sharp @ HackTheBox
We will solve Sharp, a 40-point machine on HackTheBox that is all about C-Sharp & .Net. For user, we exploit... read more
20Nov
LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more
02May
OpenAdmin @ HackTheBox
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo... read more
02Mar
Access @ HackTheBox
In this short writeup I will show how I completed Access on hackthebox.eu, a quite easy windows box that involves... read more
29Jan
ASP, Windows Containers, Responder & NoPAC – Anubis @ HackTheBox
We are solving Anubis, a 50-point windows machine on HackTheBox which involves an ASP template injection, windows containers, and stealing... read more