We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the “Import Repo by URL” Feature in Gitlab to SSRF into Redis and add a background job which then gives us a reverse shell. For root, we can mount the host filesystem into our privileged docker container.
Ethereal is a machine on hackthebox.eu that awards 50 points, the highest possible score/difficulty and requires some really fun techniques,... read more
Solving Crossfit, a 50-point Linux machine on HackTheBox which involves a lot of cross-site scripting, a command-injection, and finally some... read more
We are solving Forge, a medium difficulty Linux machine on HackTheBox which involves an SSRF & playing with the python... read more
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more
This short write-up is about Irked, a rather easy machine on hackthebox featuring an irc backdoor, some steganography and a... read more
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
This post is about hackback, a really interesting and challenging machine that was released on 23.02.19 on hackthebox.eu. Techniques used... read more
We are solving Kevin, an easy-rated Windows machine on PG Practice that involves a SEH Based Buffer Overflow. read more
