JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
Haystack is a 20 points machine on hackthebox, which in my opinion is not as easy as one might think.... read more
Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a... read more
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my... read more
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a custom... read more
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more
Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell... read more
Writeup is a nice, medium difficulty machine on hackthebox, featuring the use of a publicly available sql injection exploit and... read more
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more