OpenAdmin @ HackTheBox
OpenAdmin is a 20-Point Linux machine on HackTheBox that involves using a public exploit for OpenNetAdmin & abusing a sudo entry for nano.
02May
Related Posts
16May
Patents @ HackTheBox
Patents is a 40-point Linux machine on HackTheBox. For user we exploit an external entity injection in a word document... read more
29May
XSS, Deserialization & SeImpersonate – Cereal @ HackTheBox
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
05Dec
Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more
30Jul
Sauna @ HackTheBox
Sauna is a 20-point Windows Machine on HackTheBox. For user, we bruteforce usernames and then use ASREP-Roasting to obtain the... read more
18Apr
Mango @ HackTheBox
Mango is a 30-point linux machine on hackthebox that involves a NoSQL-Injection which allows to obtain user passwords from a... read more
10Apr
APT @ HackTheBox
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the... read more
02Jun
P.O.O. Endgame @ HackTheBox
P.O.O. Endgame is one of HackTheBox’s endgame labs and was just retired. It involves exploiting SQL Server Links & Active... read more
30Mar
Curling @ HackTheBox
Curling is one of the easier boxes on hackthebox.eu, featuring getting a shell on joomla via template editing, getting a... read more
17Sep
SQLi, LFI to RCE and Unintended Privesc via XAMLX & Impersonation – StreamIO @ HackTheBox
Video & additional notes for StreamIO, a medium difficulty Windows machine on HackTheBox that involves manual MSSQL Injection, going from... read more
27Dec
Lab – Lustrous Walkthrough
This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab. read more