NoSQL injection is a security vulnerability that arises in non-relational databases, allowing attackers to manipulate or exploit the system. Unlike traditional SQL injection, NoSQL injection occurs when unsanitized or malicious input is used to query NoSQL databases, potentially leading to unauthorized access, data leakage, or data corruption.

PC is an easy machine from HackTheBox. It involves identifying and exploiting SQL injection in gRPC service to dump database for foothold, and exploiting CVE-2023–0297 (RCE in pyLoad) for escalating privileges to root. NMAP PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0) …

Busqueda is an easy machine from HackTheBox. It involves exploiting Arbitrary Code Injection in website using vulnerable searcher library to gain initial access, taking advantage of password reuse and abusing custom python script for privilege escalation. NMAP PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH…

Agile is a medium machine from HackTheBox. It involves extracting Werkzeug debug console pin with the help of Directory traversal vulnerability, getting credentials from chrome remote debugging window, and exploiting CVE in sudoedit to modify the file used in a cron running as root. NMAP PORT STATE SERVICE REASON…

Introduction Cerberus is a hard machine from HackTheBox. It involves exploiting File Read and RCE CVEs in icinga to get foothold, escalating privileges by LPE CVE in firejail, pivoting to DC and finally getting SYSTEM by exploiting RCE in ADSelfService Plus. NMAP PORT STATE SERVICE VERSION 8080/tcp open…

Stocker is an easy machine from HackTheBox. It involves bypassing authentication via NoSQL injection, exploiting HTML injection in PDF generation to read source code from the host containing credentials that leads to foothold. Finally, misconfigured sudo privilege allowing execution of NodeJS scripts leads to shell as root. NMAP PORT…

Escape is a medium machine from HackTheBox. It involves enumerating smb shares and finding PDF containing SQL Server credentials, stealing NTLMv2 hash of SQL service, reading log files for credentials and finally abusing the AD CS template for getting shell as administrator. NMAP PORT STATE SERVICE…

Soccer is an easy machine from HackTheBox. It involves exploiting file upload CVE in an old version of tiny file manager, finding another running application and exploiting sqli in the vulnerable websocket leading to foothold. …

These fun challenges are created and hosted by Ian Austin. You can provide your feedback on their Linkedin. Challenge 1