JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more
We are solving Sink, a 50-point Linux machine on HackTheBox that involves HTTP Request Smuggling & retrieving secrets from Localstack. read more
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
Bastion is an easy 20 points machine on hackthebox. It is about mounting a .vhd file over the network, retrieving... read more
We are solving Kevin, an easy-rated Windows machine on PG Practice that involves a SEH Based Buffer Overflow. read more
Safe is an "easy" machine on hackthebox, involving a simple buffer overflow and cracking a keepass file. read more
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my... read more
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more
AuthBy is a medium difficulty Windows machine on PG Practice. It involves getting FTP access to the web root of... read more
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more