MonitorsTwo hackthebox writeup
Easy linux machine in which we hack cacti with a CVE, get credentials from a SQL database, and exploit a docker CVE to escalate privileges
Recent Posts
MonitorsTwo hackthebox writeup
PC hackthebox writeup
Easy linux machine in which we hack gRPC via SQL injection and escalate privileges thanks to a pyload CVE
Busqueda hackthebox writeup
Easy linux machine in which we exploit a known vulnerability,find plaintext credentials, and abuse a relative path
Inject hackthebox writeup
Easy linux machine in which we exploit a CVE found plaintext credentials adn privesc with ansible
Agile hackthebox writeup
Medium linux machine in which we get LFI forge our own flask token, exploit Chrome in debug mode and use a sudo CVE to privesc
Ambassador hackthebox writeup
Medium linux machine in which we exploit a CVE get credentials to a MySQL db then get ssh credentials and lastly find a consul token in a git repository to get root
Stocker hackthebox writeup
Easy linux machine in which we find a subdomain, bypass a login, get LFI thanks to XSS and escalate privileges via missconfiguration
Soccer hackthebox writeup
Easy linux machine in which we upload malicious files, we do a sqli in a websocket and privesc thanks to doas and dstat
Impossible Password hackthebox writeup
Simple yet didactic reverse engineering challenge
Precious hackthebox writeup
Really easy linux machine in which we exploit a pdfkit RCE, find plaintext credentials and escalate thanks to a .yaml file