Academy @ HackTheBox
Solving Academy on HackTheBox, a 20-point Linux machine on HackTheBox that involves a Laravel deserialization RCE, stored credentials & sudo composer.
27Feb
Related Posts
15May
Ghoul @ HackTheBox
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more
28Mar
Helpline @ HackThebox
Helpline is a really fun box on hackthebox.eu, which I was lucky enough to get system first blood on :)... read more
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
27Dec
Lab – Lustrous Walkthrough
This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab. read more
20Nov
LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice
We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a... read more
22Jan
SSRF & Python Debugger – Forge @ HackTheBox
We are solving Forge, a medium difficulty Linux machine on HackTheBox which involves an SSRF & playing with the python... read more
22Feb
Zetta @ HackTheBox
Zetta is 40-point machine on hackthebox. We will get the ipv6 address of the box via ftp, use rsync to... read more
10Apr
APT @ HackTheBox
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the... read more
16May
SwagShop @ HackTheBox
SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse. read more
08Feb
Ypuffy @ HackTheBox
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as operating system. In my version of getting... read more