Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
17Apr
Related Posts
22May
Getting Access through the Helpdesk – Delivery @ HackTheBox
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
25May
Luke @ HackTheBox
Luke is a rather short, easy machine on hackthebox, which was nonetheless fun to solve and our team got both... read more
16Oct
Dynamic DNS & Command Injection – Dynstr @ HackTheBox
We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection. read more
09Oct
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading... read more
13Apr
LaCasaDePapel @ HackTheBox
LaCasaDePapel is a rather easy machine on hackthebox.eu, featuring the use of php reflection, creating and signing of client certificates... read more
06Nov
Active Directory, Reverse Engineering & Unintended Solutions – Pivotapi @ HackTheBox
We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active Directory... read more
13Jun
Monteverde @ HackTheBox
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
28Dec
InfernoCTF Weakened Keys
"Weakened Keys" was an interesting crypto challenge on InfernoCTF. read more
15May
Ghoul @ HackTheBox
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more
30May
Resolute @ HackTheBox
Resolute is a 30-point Windows machine on HackTheBox that involves enumerating LDAP, Password Spraying, and using the DNSAdmins group to... read more