Vulndev

  • Home
  • Blog
  • Notes
  • About Me
  • Other
    • Lab
    • Discord
    • Machine List
    • Cheats – Windows
    • Cheats – Shells
  • Home
  • Blog
  • Notes
  • About Me
  • Other
    • Lab
    • Discord
    • Machine List
    • Cheats – Windows
    • Cheats – Shells

Home

xct2021-09-10T07:02:29+00:00

Luke @ HackTheBox

xct2021-07-03T11:45:41+00:00

Luke is a rather short, easy machine on hackthebox, which was nonetheless fun to solve and our team got both first bloods here.

By xctCTFajanti, hackthebox, linux, node
Read more...

Ellingson @ HackTheBox

xct2021-07-03T11:52:26+00:00

Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a password and a custom binary exploit.

By xctCTFbinary exploitation, flask, hackthebox, linux, password cracking, werkzeug
Read more...

SwagShop @ HackTheBox

xct2021-07-03T12:04:26+00:00

SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse.

By xctCTFcve, hackthebox, linux, magento, sudo
Read more...

Ghoul @ HackTheBox

xct2021-07-03T12:12:54+00:00

Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden password in a git repository 😉

By xctCTFcve, git, gogs, hackthebox, linux, ssh agent forwarding, zip traversal
Read more...

OneTwoSeven @ HackTheBox

xct2021-07-03T12:29:02+00:00

Onetwoseven is a great machine on hackthebox, featuring symbolic links, port forwarding through sftp and some typical web application exploitation. For escalation of privilege we abuse sudo apt-get update && sudo apt-get upgrade, by faking a deb repository to install a fake, back-doored package. I combined the user and root...

By xctCTFdeb package, hackthebox, linux, port forwarding, sftp, symlink, web
Read more...

Unattended @ HackTheBox

xct2021-07-03T14:28:19+00:00

Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing.

By xctCTFhackthebox, linux, log poisoning, sql injection, web
Read more...
  Prev1…161718…21Next  
Support me on Patreon!

Categories

  • CTF (107)
  • Fuzzing (3)
  • Misc (2)
  • Tools (1)
  • Vulnerability (2)
  • Vulnlab (4)
  • Windows Kernel Exploitation (4)
  • Windows Userland Exploitation (2)

Latest Posts

Active Directory, JEA & Random Stuff – Acute @ HackTheBox
July 16, 2022
Windows Kernel Exploitation – HEVD x64 Use-After-Free
July 14, 2022
Windows Kernel Exploitation – HEVD x64 Type Confusion
July 10, 2022
Windows Kernel Exploitation – HEVD x64 Stack Overflow
July 2, 2022
Windows Kernel Exploitation – VM Setup
July 1, 2022
Bypassing DEP with VirtualProtect (x86)
June 14, 2022

Tags

active directory asrep-roasting binary exploitation bloodhound command injection cronjob crypto cve dcsync deserialization docker domain trust dynamorio fuzzing hackthebox jwt keepass kernel exploit ldap lfi linux metasploit obfuscation openbsd password cracking password spraying path hijacking pg practice php port forwarding powershell responder reversing rop seimpersonate service sql injection ssrf stack overflow sudo tryhackme vulnlab web windows xss

Contact

  • Email: xct@vulndev.io

Follow

Twitter Youtube Linkedin
© Copyright 2022. All Rights Reserved.