Academy @ HackTheBox
Solving Academy on HackTheBox, a 20-point Linux machine on HackTheBox that involves a Laravel deserialization RCE, stored credentials & sudo composer.
Solving Academy on HackTheBox, a 20-point Linux machine on HackTheBox that involves a Laravel deserialization RCE, stored credentials & sudo composer.
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
Smasher2 is a difficult 50 points machine on hackthebox, involving some guessing to get the user flag (because the author... read more
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
Helpline is a really fun box on hackthebox.eu, which I was lucky enough to get system first blood on :)... read more
We will solve Attended, a 50-point machine on HackTheBox. For user, we will be sending some emails back and forth... read more
Writeup is a nice, medium difficulty machine on hackthebox, featuring the use of a publicly available sql injection exploit and... read more
Mango is a 30-point linux machine on hackthebox that involves a NoSQL-Injection which allows to obtain user passwords from a... read more
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
Haystack is a 20 points machine on hackthebox, which in my opinion is not as easy as one might think.... read more