Squidception, OpenSMTPD & Kerberos – Tentacle @ HackTheBox
We are going to solve Tentacle, a 40-point machine on HackTheBox which involves a bit of Squid Proxy Magic 🦑(🦑 (🦑 )), exploiting OpenSMTPD and some Kerberos.
We are going to solve Tentacle, a 40-point machine on HackTheBox which involves a bit of Squid Proxy Magic 🦑(🦑 (🦑 )), exploiting OpenSMTPD and some Kerberos.
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
Mango is a 30-point linux machine on hackthebox that involves a NoSQL-Injection which allows to obtain user passwords from a... read more
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and... read more
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my... read more
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup &... read more
RE is a 40 point windows machine on HackTheBox that involves uploading an ods file with a malicious macro, abusing... read more