JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
31Jul
Related Posts
06Jun
Nest @ HackTheBox
Nest is a 20-point Windows machine on HackTheBox that involves searching through smb shares and analyzing 2 short custom programs. read more
17Aug
Heist @ HackTheBox
Heist is an "easy" machine on hackthebox, involving some enumeration (especially rpc) and some forensics (dumping firefox memory). read more
26Jun
WordPress & Initctl on ChromeOS – Spectra @ HackTheBox
My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us to... read more
13Apr
RedCross @ HackTheBox
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more
03Aug
Fortune @ HackTheBox
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more
16Feb
Giddy @ HackTheBox
In this post I will give a quick walkthrough on Giddy from hackthebox.eu. The machine involves (automated) sql injection, stealing... read more
28Apr
Unattended @ HackTheBox
Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing. read more
04Jul
ForwardSlash @ HackTheBox
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more
13Mar
Reel2 @ HackTheBox
Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more
30Mar
Curling @ HackTheBox
Curling is one of the easier boxes on hackthebox.eu, featuring getting a shell on joomla via template editing, getting a... read more