Passage @ HackTheBox

Related Posts

04Sep

Command Injection, Prototype Pollution & Kubernetes – Unobtainium @ HackTheBox

This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy... read more

17Jul

LFI to RCE, Sticky Notes & SQLi – Breadcrumbs @ HackTheBox

We are solving Breadcrumbs, a 40-point Windows machine on HackTheBox. For user, we exploit an LFI to read PHP source... read more

02May

OpenAdmin @ HackTheBox

OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo... read more

04May

OneTwoSeven @ HackTheBox

Onetwoseven is a great machine on hackthebox, featuring symbolic links, port forwarding through sftp and some typical web application exploitation.... read more

15May

Exploiting Gitlab 11.4.7 & Escaping a Privileged Docker Container – Ready @ HackTheBox

We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the "Import Repo by URL"... read more

09May

Obscurity @ HackTheBox

Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a... read more

09Sep

SEH Based Buffer Overflow & DLL Hijacking – UT99 @ PG Practice

We are solving UT99, an intermediate windows box on PG Practice. On this box, we are going to exploit an... read more

17Aug

Heist @ HackTheBox

Heist is an "easy" machine on hackthebox, involving some enumeration (especially rpc) and some forensics (dumping firefox memory). read more

16May

Patents @ HackTheBox

Patents is a 40-point Linux machine on HackTheBox. For user we exploit an external entity injection in a word document... read more

15May

Ghoul @ HackTheBox

Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more