Posts - Page 2

• Magic Writeup (HackTheBox)

  🗓️ Published: 07 May 2020

  Starts off with some SQL injection, upgrading a shell to an interactive TTY and a little bit of reverse engineering.

• OpenAdmin Writeup (HackTheBox)

  🗓️ Published: 04 May 2020

  Uses RCE exploitation, password reuse, SSH port forwarding, passphrase bruteforcing and a cute privilege escalation method.

• Sauna Writeup (HackTheBox)

  🗓️ Published: 26 Apr 2020

  AS-REP roasting, using WinRM to run Bloodhound, then utilizing DCSync rights to retrieve an NTLM hash and run PSExec.

• ServMon Writeup (HackTheBox)

  🗓️ Published: 23 Apr 2020

  Anonymous FTP access, directory traversal vulnerability to read remote files followed by a privilege escalation via locally accessible API.

• Remote Writeup (HackTheBox)

  🗓️ Published: 30 Mar 2020

  Modify an RCE exploit POC and abuse a service to get a privileged shell.

• Obscurity Writeup (HackTheBox)

  🗓️ Published: 23 Jan 2020

  Uses directory enumeration, format string vulnerability, simple cryptography and a type of race condition exploit.