DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
24Apr
Related Posts
18Sep
HTTP Request Smuggling & AWS – Sink @ HackTheBox
We are solving Sink, a 50-point Linux machine on HackTheBox that involves HTTP Request Smuggling & retrieving secrets from Localstack. read more
14Mar
Postman @ HackTheBox
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the... read more
11Jul
Book @ HackTheBox
Book is a 30-point Linux machine on HackTheBox. We log into a web application by exploiting SQL truncation and then... read more
25Sep
SEH Based Buffer Overflow with Space Limitations – Kevin @ PG Practice
We are solving Kevin, an easy-rated Windows machine on PG Practice that involves a SEH Based Buffer Overflow. read more
20Mar
Crossfit @ HackTheBox
Solving Crossfit, a 50-point Linux machine on HackTheBox which involves a lot of cross-site scripting, a command-injection, and finally some... read more
13Jun
Monteverde @ HackTheBox
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
20Nov
LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more
03Aug
Safe @ HackTheBox
Safe is an "easy" machine on hackthebox, involving a simple buffer overflow and cracking a keepass file. read more
03Jul
SnakeYAML, Go & WebAssembly – Ophiuchi @ HackTheBox
We are going to solve Ophiuchi a 30-point machine on HackTheBox that involves a YAML parser vulnerability and a custom... read more
19Jan
Lab – Baby Walkthrough
Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup &... read more