Scavenger @ HackTheBox
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my video, an unintended root by exploiting exim. Notes SQL injection: ') UNION (SELECT...
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my video, an unintended root by exploiting exim. Notes SQL injection: ') UNION (SELECT...
Dream Diary 3 is a 80 points pwn challenge on hackthebox that involes abusing a null byte overflow on the heap with glibc 2.29. All modern protections are enabled & seccomp is hindering us to c...
Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to get access to ssh and finally abuse a sql injection in rsyslogd to get root. User Flag Ope...
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege escalation. You can reverse a binary, exploit ftp or use th...
RE is a 40 point windows machine on HackTheBox that involves uploading an ods file with a malicious macro, abusing a winrar vulnerability and using UsoSVC together with metasploit’s incognito modul...
AI is a 30 point machine on HackTheBox that involves SQL injection via speech and abusing an exposed java debugging port. Notes SQL injection helper: #!/usr/bin/env python import subprocess im...
Player is a hard box, that we solved in unintended ways that are partly patched now. User & Root Enumerating subdomains we find: staging.player.htb, dev.player.htb, chat.player.htb. On dev....
Challenge “Weakened Keys” was an interesting crypto challenge on InfernoCTF. They gave us this to work with: Encrypted Test= '0mu0T97looX5/Oorw8ASGxfqMqrNoFajZupXrjtIAj7ECJdQXZzEmbEwdRV2J2MI' Te...
Challenge ABCDEFGHIJKLMNOPQRSTUVWXYZ ., AHTNTRZPBEMVVUGIKBZNEYN,IPAZPWEQZBROKYSAG, GLNSMIZPPNAGAUCLFRKJKHVCSTSZDSCJFMSBKMHMMRA,THANLDUULHG WDPVUQKNATYMRA THIS NEW ENCRYPTION METHOD IS EXCELLENT ...
Heist is an “easy” machine on HackTheBox, involving some enumeration (especially rpc) and some forensics (dumping firefox memory). User Flag Open Ports: 80/tcp open http 135/tcp open msrpc 44...