Agile is a medium machine from HackTheBox. It involves extracting Werkzeug debug console pin with the help of Directory traversal vulnerability, getting credentials from chrome remote debugging window, and exploiting CVE in sudoedit to modify the file used in a cron running as root. NMAP PORT STATE SERVICE REASON…

Introduction Cerberus is a hard machine from HackTheBox. It involves exploiting File Read and RCE CVEs in icinga to get foothold, escalating privileges by LPE CVE in firejail, pivoting to DC and finally getting SYSTEM by exploiting RCE in ADSelfService Plus. NMAP PORT STATE SERVICE VERSION 8080/tcp open…

Stocker is an easy machine from HackTheBox. It involves bypassing authentication via NoSQL injection, exploiting HTML injection in PDF generation to read source code from the host containing credentials that leads to foothold. Finally, misconfigured sudo privilege allowing execution of NodeJS scripts leads to shell as root. NMAP PORT…

Escape is a medium machine from HackTheBox. It involves enumerating smb shares and finding PDF containing SQL Server credentials, stealing NTLMv2 hash of SQL service, reading log files for credentials and finally abusing the AD CS template for getting shell as administrator. NMAP PORT STATE SERVICE…

Soccer is an easy machine from HackTheBox. It involves exploiting file upload CVE in an old version of tiny file manager, finding another running application and exploiting sqli in the vulnerable websocket leading to foothold. …

These fun challenges are created and hosted by Ian Austin. You can provide your feedback on their Linkedin. Challenge 1

Bagel is a medium Linux machine from HackTheBox. It involves exploiting file read vulnerability to read the application source code, fuzzing another dotnet application’s PID to download its DLL, and reversing it to find and exploit JSON deserialization vulnerability leading to foothold on the machine. …

Flight is a hard windows machine from HackTheBox. The steps to root this box include exploiting local file inclusion (LFI), leaking NTLM hashes, forced authentication (SCF/URL file attacks) and using Juicy Potato NG to get system shell. NMAP PORT STATE SERVICE…

MetaTwo is an easy Linux machine from HackTheBox. It involves the exploitation of SQL injection CVE in the booking press (WordPress) plugin and XXE injection in the WordPress version to read credentials from the configurations file and initial foothold. …