Luke @ HackTheBox
xct2021-07-03T11:45:41+00:00Luke is a rather short, easy machine on hackthebox, which was nonetheless fun to solve and our team got both first bloods here.
Ellingson @ HackTheBox
xct2021-07-03T11:52:26+00:00Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a password and a custom binary exploit.
SwagShop @ HackTheBox
xct2021-07-03T12:04:26+00:00SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse.
Ghoul @ HackTheBox
xct2021-07-03T12:12:54+00:00Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden password in a git repository 😉
OneTwoSeven @ HackTheBox
xct2021-07-03T12:29:02+00:00Onetwoseven is a great machine on hackthebox, featuring symbolic links, port forwarding through sftp and some typical web application exploitation. For escalation of privilege we abuse sudo apt-get update && sudo apt-get upgrade, by faking a deb repository to install a fake, back-doored package. I combined the user and root...
Unattended @ HackTheBox
xct2021-07-03T14:28:19+00:00Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing.