Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
We are going to solve Ophiuchi a 30-point machine on HackTheBox that involves a YAML parser vulnerability and a custom... read more
This is a short writeup on the "NonHeavyFTP" challenge from Real World CTF 2023. This was one of the easier... read more
In this post I will give a quick walkthrough on Giddy from hackthebox.eu. The machine involves (automated) sql injection, stealing... read more
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo... read more
We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active Directory... read more
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more
AuthBy is a medium difficulty Windows machine on PG Practice. It involves getting FTP access to the web root of... read more
Kryptos is 50 points machine on hackthebox, involving some interesting techniques, like setting up a fake database and making the... read more