Command Injection & Path Hijacking – Previse @ HackTheBox

Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more

Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more

Resolute is a 30-point Windows machine on HackTheBox that involves enumerating LDAP, Password Spraying, and using the DNSAdmins group to... read more

We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more

Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more

Unattended is a high difficulty machine on hackthebox, featuring manual sql injection, log poisoning and some guessing. read more

Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more

Bastion is an easy 20 points machine on hackthebox. It is about mounting a .vhd file over the network, retrieving... read more

LaCasaDePapel is a rather easy machine on hackthebox.eu, featuring the use of php reflection, creating and signing of client certificates... read more

AI is a 30 point machine on hackthebox that involves SQL injection via speech and abusing an exposed java debugging... read more