JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
31Jul
Related Posts
30Jun
Haystack @ HackTheBox
Haystack is a 20 points machine on hackthebox, which in my opinion is not as easy as one might think.... read more
18May
Ellingson @ HackTheBox
Ellingson is fun and quick 40 points machine on hackthebox, featuring the abuse of the python/flask werkzeug debugger, cracking a... read more
29Feb
Scavenger @ HackTheBox
Scavenger is a 40 Point machine on hackthebox that involves a lot of enumeration, a SQL injection, and in my... read more
03Aug
Fortune @ HackTheBox
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more
21Aug
SQLi, ToC/ToU & Arbitrary File Write – Proper @ HackTheBox
We are solving Proper, a 40-point Windows machine on HackTheBox created by jkr and me. This box involves a custom... read more
28Mar
Sniper @ HackTheBox
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
13Mar
Reel2 @ HackTheBox
Solving Reel2 on HackTheBox. This is a 40 point box involving Spraying, Phishing, Sticky Notes and JEA. read more
03Apr
Hacking Time @ HackTheBox
Time is a 30-point machine on HackTheBox that involves using a public exploit for a CVE and overwriting a shell... read more
10Jun
Writeup @ HackTheBox
Writeup is a nice, medium difficulty machine on hackthebox, featuring the use of a publicly available sql injection exploit and... read more
27Mar
Luanne @ HackTheBox
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more