Crossfit @ HackTheBox

Related Posts

24Apr

DynamoDB & S3 Buckets – Bucket @ HackTheBox

We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell... read more

28Mar

Arkham @ HackTheBox

Arkham was a surprisingly hard box for the 30 points that were awarded for it, as I was struggling quite... read more

30Jun

Haystack @ HackTheBox

Haystack is a 20 points machine on hackthebox, which in my opinion is not as easy as one might think.... read more

17Sep

SQLi, LFI to RCE and Unintended Privesc via XAMLX & Impersonation – StreamIO @ HackTheBox

Video & additional notes for StreamIO, a medium difficulty Windows machine on HackTheBox that involves manual MSSQL Injection, going from... read more

16Jan

Lab – Rainbow Walkthrough

Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more

27Nov

Password Spraying, gMSA, ADIDNS & Constrained Delegation – Intelligence @ HackTheBox

We are solving intelligence, a nice windows machine on HackTheBox, created by Micah. For user, we will enumerate pdfs on... read more

27Aug

Resource-Based Constrained Delegation – Resourced @ PG-Practice

Video & additional notes for Resourced, an intermediate difficulty Windows machine on PG-Practice that involves password spraying and an RBCD... read more

28Mar

Sniper @ HackTheBox

Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more

09May

Obscurity @ HackTheBox

Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a... read more

16Jul

Active Directory, JEA & Random Stuff – Acute @ HackTheBox

Acute is a 40-point Active Directory Windows machine on HackTheBox. I'm going to use it to show some techniques which... read more