PHP Unserialize & Race Condition – Tenet @ HackTheBox
We are solving Tenet, a 30-point machine HackTheBox that involves a simple PHP deserialization vulnerability, password reuse and a race condition.
12Jun
Related Posts
03Aug
Fortune @ HackTheBox
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more
21Mar
Forest @ HackTheBox
Forest is a 20-point active directory machine on HackTheBox that involves user enumeration, AS-REP-Roasting and abusing Active Directory ACLs to... read more
27Nov
Password Spraying, gMSA, ADIDNS & Constrained Delegation – Intelligence @ HackTheBox
We are solving intelligence, a nice windows machine on HackTheBox, created by Micah. For user, we will enumerate pdfs on... read more
21Aug
SQLi, ToC/ToU & Arbitrary File Write – Proper @ HackTheBox
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a custom... read more
15May
Exploiting Gitlab 11.4.7 & Escaping a Privileged Docker Container – Ready @ HackTheBox
We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the "Import Repo by URL"... read more
13Jun
Monteverde @ HackTheBox
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
22Feb
Zipper @ HackTheBox
This post is a walkthrough of Zipper, an interesting machine on hackthebox.eu featuring the zabbix network monitoring application. It involves... read more
11Apr
Traverxec @ HackTheBox
Traverxec is a 20-point machine on hackthebox that involves using a public exploit on the nostromo webserver, cracking the passphrase... read more
14Mar
Postman @ HackTheBox
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the... read more
27Apr
Irked @ HackTheBox
This short write-up is about Irked, a rather easy machine on hackthebox featuring an irc backdoor, some steganography and a... read more