Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
17Apr
Related Posts
19Jun
Squidception, OpenSMTPD & Kerberos – Tentacle @ HackTheBox
We are going to solve Tentacle, a 40-point machine on HackTheBox which involves a bit of Squid Proxy Magic 🦑(🦑... read more
18Sep
HTTP Request Smuggling & AWS – Sink @ HackTheBox
We are solving Sink, a 50-point Linux machine on HackTheBox that involves HTTP Request Smuggling & retrieving secrets from Localstack. read more
04Apr
Registry @ HackTheBox
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and... read more
06Jun
Nest @ HackTheBox
Nest is a 20-point Windows machine on HackTheBox that involves searching through smb shares and analyzing 2 short custom programs. read more
07Mar
Bankrobber @ HackTheBox
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
16Oct
Dynamic DNS & Command Injection – Dynstr @ HackTheBox
We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection. read more
02Apr
Control @ HackTheBox
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a webshell.... read more
28Mar
Sniper @ HackTheBox
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
03Nov
Ekoparty 2022 BFS Windows Challenge
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022. read more
16Jan
Lab – Rainbow Walkthrough
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more