JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
31Jul
Related Posts
03Jul
SnakeYAML, Go & WebAssembly – Ophiuchi @ HackTheBox
We are going to solve Ophiuchi a 30-point machine on HackTheBox that involves a YAML parser vulnerability and a custom... read more
02Apr
Control @ HackTheBox
Control is a 40-point windows machine on hackthebox that involves a sql injection which we use to upload a webshell.... read more
27Feb
Protected: Dream Diary 3 @ HackTheBox
There is no excerpt because this is a protected post. read more
16Oct
Dynamic DNS & Command Injection – Dynstr @ HackTheBox
We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection. read more
27Mar
Luanne @ HackTheBox
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more
24Apr
DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell... read more
21Nov
Buff @ HackTheBox
Buff is a 20-point Windows Machine on HackTheBox, created by egotisticalSW. It involves 2 simple public exploits and forwarding a... read more
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
13Apr
RedCross @ HackTheBox
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more
27Apr
Irked @ HackTheBox
This short write-up is about Irked, a rather easy machine on hackthebox featuring an irc backdoor, some steganography and a... read more