MonitorsTwo hackthebox writeup
Easy linux machine in which we hack cacti with a CVE, get credentials from a SQL database, and exploit a docker CVE to escalate privileges
Easy linux machine in which we hack cacti with a CVE, get credentials from a SQL database, and exploit a docker CVE to escalate privileges
Easy linux machine in which we hack gRPC via SQL injection and escalate privileges thanks to a pyload CVE
Easy linux machine in which we exploit a known vulnerability,find plaintext credentials, and abuse a relative path
Easy linux machine in which we exploit a CVE found plaintext credentials adn privesc with ansible
Medium linux machine in which we get LFI forge our own flask token, exploit Chrome in debug mode and use a sudo CVE to privesc
Medium linux machine in which we exploit a CVE get credentials to a MySQL db then get ssh credentials and lastly find a consul token in a git repository to get root
Easy linux machine in which we find a subdomain, bypass a login, get LFI thanks to XSS and escalate privileges via missconfiguration
Easy linux machine in which we upload malicious files, we do a sqli in a websocket and privesc thanks to doas and dstat
Simple yet didactic reverse engineering challenge
Really easy linux machine in which we exploit a pdfkit RCE, find plaintext credentials and escalate thanks to a .yaml file