DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
24Apr
Related Posts
02Mar
Access @ HackTheBox
In this short writeup I will show how I completed Access on hackthebox.eu, a quite easy windows box that involves... read more
28Aug
PHP Zerodium Backdoor & Sudo Knife – Knife @Hack The Box
This video is about Knife, a 20-point machine on HackTheBox that involves the zerodium php backdoor and using "sudo knife"... read more
28Mar
Sniper @ HackTheBox
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
31Jul
JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we'll modify a JWT Token, upload a PHP-Webshell and use... read more
22May
Getting Access through the Helpdesk – Delivery @ HackTheBox
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
08Jan
Real World CTF 2023 – NonHeavyFTP
This is a short writeup on the "NonHeavyFTP" challenge from Real World CTF 2023. This was one of the easier... read more
18May
Ellingson @ HackTheBox
Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a... read more
18Jan
Player @ HackTheBox
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
10Jul
Electron-Updater RCE – Atom @ HackTheBox
We are going to solve Atom, a 30-point machine on HackTheBox where we'll analyze an electron app and exploit its... read more
16Jul
Active Directory, JEA & Random Stuff – Acute @ HackTheBox
Acute is a 40-point Active Directory Windows machine on HackTheBox. I'm going to use it to show some techniques which... read more