Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the password of a private key and exploiting a webmin vulnerability with metasploit. No...

Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an admin account, using a command injection to get a user shell and ex...

Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my video, an unintended root by exploiting exim. Notes SQL injection: ') UNION (SELECT...

Dream Diary 3 is a 80 points pwn challenge on hackthebox that involes abusing a null byte overflow on the heap with glibc 2.29. All modern protections are enabled & seccomp is hindering us to c...

Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to get access to ssh and finally abuse a sql injection in rsyslogd to get root. User Flag Ope...

Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege escalation. You can reverse a binary, exploit ftp or use th...

RE is a 40 point windows machine on HackTheBox that involves uploading an ods file with a malicious macro, abusing a winrar vulnerability and using UsoSVC together with metasploit’s incognito modul...

AI is a 30 point machine on HackTheBox that involves SQL injection via speech and abusing an exposed java debugging port. Notes SQL injection helper: #!/usr/bin/env python import subprocess im...

Player is a hard box, that we solved in unintended ways that are partly patched now. User & Root Enumerating subdomains we find: staging.player.htb, dev.player.htb, chat.player.htb. On dev....

Challenge “Weakened Keys” was an interesting crypto challenge on InfernoCTF. They gave us this to work with: Encrypted Test= '0mu0T97looX5/Oorw8ASGxfqMqrNoFajZupXrjtIAj7ECJdQXZzEmbEwdRV2J2MI' Te...