Passage @ HackTheBox
Solving Passage on HackTheBox. This is an easy box involving 2 public exploits, one for the CuteNews CMS and one for the USBCreator D-Bus interface.
28Mar
Related Posts
03Aug
Safe @ HackTheBox
Safe is an "easy" machine on hackthebox, involving a simple buffer overflow and cracking a keepass file. read more
16Jan
Lab – Rainbow Walkthrough
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more
29May
XSS, Deserialization & SeImpersonate – Cereal @ HackTheBox
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
24Apr
DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell... read more
10May
Angr & Basic Binary Exploitation – Binary Heaven @ TryHackMe
We are going to solve "Binary Heaven", a room on TryHackMe. It starts with some light reversing and debugging, and... read more
22Feb
Zipper @ HackTheBox
This post is a walkthrough of Zipper, an interesting machine on hackthebox.eu featuring the zabbix network monitoring application. It involves... read more
27Jun
Player2 @ HackTheBox
Player2 is a 50-point Linux machine on HackTheBox. For user we do some web fuzzing, call a twirp method to... read more
16Mar
Carrier @ HackTheBox
Carrier is a nice, medium difficulty machine on hackthebox.eu featuring information retrieval via snmp, command injection and bgp hijacking. The... read more
21Mar
Forest @ HackTheBox
Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs to... read more