Year of the Jellyfish @ TryHackMe
In this video, we are going to solve Jellyfish, a medium difficulty box from TryHackMe, which involves exploiting a PHP web app called Monitorr and using dirty_sock for root.
30Apr
Related Posts
10Jun
Protected: Rastalabs Prolab @ HackTheBox
There is no excerpt because this is a protected post. read more
25Jan
AI @ HackTheBox
AI is a 30 point machine on hackthebox that involves SQL injection via speech and abusing an exposed java debugging... read more
29May
XSS, Deserialization & SeImpersonate – Cereal @ HackTheBox
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
10Jun
Smasher 2 @ HackTheBox
Smasher2 is a difficult 50 points machine on hackthebox, involving some guessing to get the user flag (because the author... read more
18Sep
HTTP Request Smuggling & AWS – Sink @ HackTheBox
We are solving Sink, a 50-point Linux machine on HackTheBox that involves HTTP Request Smuggling & retrieving secrets from Localstack. read more
10Jun
Writeup @ HackTheBox
Writeup is a nice, medium difficulty machine on hackthebox, featuring the use of a publicly available sql injection exploit and... read more
11Apr
Traverxec @ HackTheBox
Traverxec is a 20-point machine on hackthebox that involves using a public exploit on the nostromo webserver, cracking the passphrase... read more
04Jul
ForwardSlash @ HackTheBox
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more
03Aug
Safe @ HackTheBox
Safe is an "easy" machine on hackthebox, involving a simple buffer overflow and cracking a keepass file. read more
04Apr
Registry @ HackTheBox
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and... read more