JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
31Jul
Related Posts
25Jan
AI @ HackTheBox
AI is a 30 point machine on hackthebox that involves SQL injection via speech and abusing an exposed java debugging... read more
13Apr
LaCasaDePapel @ HackTheBox
LaCasaDePapel is a rather easy machine on hackthebox.eu, featuring the use of php reflection, creating and signing of client certificates... read more
27Mar
Luanne @ HackTheBox
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more
15Feb
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
07Mar
Bankrobber @ HackTheBox
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
19Jan
Lab – Baby Walkthrough
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup &... read more
30May
Resolute @ HackTheBox
Resolute is a 30-point Windows machine on HackTheBox that involves enumerating LDAP, Password Spraying, and using the DNSAdmins group to... read more
22May
Getting Access through the Helpdesk – Delivery @ HackTheBox
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
02May
OpenAdmin @ HackTheBox
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo... read more
18Sep
HTTP Request Smuggling & AWS – Sink @ HackTheBox
We are solving Sink, a 50-point Linux machine on HackTheBox that involves HTTP Request Smuggling & retrieving secrets from Localstack. read more