Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file which is opened automatically by the local administrator. Notes Remote ...

Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs to become admin. Notes To route your windows vm thr...

Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the password of a private key and exploiting a webmin vulnerability with metasploit. No...

Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an admin account, using a command injection to get a user shell and ex...

Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my video, an unintended root by exploiting exim. Notes SQL injection: ') UNION (SELECT...

Dream Diary 3 is a 80 points pwn challenge on hackthebox that involes abusing a null byte overflow on the heap with glibc 2.29. All modern protections are enabled & seccomp is hindering us to c...

Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to get access to ssh and finally abuse a sql injection in rsyslogd to get root. User Flag Ope...

Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege escalation. You can reverse a binary, exploit ftp or use th...

RE is a 40 point windows machine on HackTheBox that involves uploading an ods file with a malicious macro, abusing a winrar vulnerability and using UsoSVC together with metasploit’s incognito modul...

AI is a 30 point machine on HackTheBox that involves SQL injection via speech and abusing an exposed java debugging port. Notes SQL injection helper: #!/usr/bin/env python import subprocess im...