CTF Archives • Page 2 of 11 • Vulndev

08JanJanuary 8, 2022

Command Injection & Path Hijacking – Previse @ HackTheBox

We are solving Previse, an easy linux machine on HackTheBox that involves a Command Injection & Path Hijacking.

By xctCTFcommand injection, hackthebox, linux, path hijacking

27DecDecember 27, 2021

Lab – Lustrous Walkthrough

This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab.

By xctCTF, Vulnlabactive directory, vulnlab

05DecDecember 5, 2021

Stealing Hashes with Responder, GPO Permissions & Unintended Ways – Vault @ PG Practice

We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes. For root, we will abuse GPO Permissions and explore 2 unintended privilege escalations.

By xctCTFactive directory, gpo, pg practice, responder, windows

27NovNovember 27, 2021

Password Spraying, gMSA, ADIDNS & Constrained Delegation – Intelligence @ HackTheBox

We are solving intelligence, a nice windows machine on HackTheBox, created by Micah. For user, we will enumerate pdfs on a webserver & will use both the content & metadata to find valid credentials of a domain user. For root, we update a DNS entry, steal a hash & dump...

By xctCTFactive directory, constrained delegation, dns, gMSA, hackthebox, password spraying, windows

20NovNovember 20, 2021

LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice

We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a web shell via Webdav. For root, we will read a LAPS password for the intended way & then explore other methods.

By xctCTFaspx, laps, ldap, pg practice, rubeus, webdav, windows

06NovNovember 6, 2021

Active Directory, Reverse Engineering & Unintended Solutions – Pivotapi @ HackTheBox

We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active Directory Attacks like Kerberoasting, ASREPRoasting, and various misconfigurations. In the end, we will explore some unintended ways to root this box.

By xctCTFactive directory, asreproast, hackthebox, kerberoast, laps, mssql, seimpersonate, semanagevolume, windows

16OctOctober 16, 2021

Dynamic DNS & Command Injection – Dynstr @ HackTheBox

We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection.

By xctCTFcommand injection, dynamic dns, hackthebox, linux, wildcard

09OctOctober 9, 2021

SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice

We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading a gMSA password & exploiting the SeRestorePrivilege.

By xctCTFgmsa password, pg practice, privileges, responder, ssrf, windows