Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell script that is periodically run by root.
Solving Passage on HackTheBox. This is an easy box involving 2 public exploits, one for the CuteNews CMS and one for the USBCreator D-Bus interface.
Buff is a 20-point Windows Machine on HackTheBox, created by egotisticalSW. It involves 2 simple public exploits and forwarding a port.
Book is a 30-point Linux machine on HackTheBox. We log into a web application by exploiting SQL truncation and then use a Local File Inclusion vulnerability to obtain an SSH key. By exploiting a logrotate CVE we escalate privileges.
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo entry for nano.
SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse.
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden password in a git repository ;)