< Go back

Posts tagged "writeup"

• Obscurity Writeup (HackTheBox)

  🗓️ Published: 23 Jan 2020

  Uses directory enumeration, format string vulnerability, simple cryptography and a type of race condition exploit.

• Remote Writeup (HackTheBox)

  🗓️ Published: 30 Mar 2020

  Modify an RCE exploit POC and abuse a service to get a privileged shell.

• ServMon Writeup (HackTheBox)

  🗓️ Published: 23 Apr 2020

  Anonymous FTP access, directory traversal vulnerability to read remote files followed by a privilege escalation via locally accessible API.

• Sauna Writeup (HackTheBox)

  🗓️ Published: 26 Apr 2020

  AS-REP roasting, using WinRM to run Bloodhound, then utilizing DCSync rights to retrieve an NTLM hash and run PSExec.

• OpenAdmin Writeup (HackTheBox)

  🗓️ Published: 04 May 2020

  Uses RCE exploitation, password reuse, SSH port forwarding, passphrase bruteforcing and a cute privilege escalation method.

• Magic Writeup (HackTheBox)

  🗓️ Published: 07 May 2020

  Starts off with some SQL injection, upgrading a shell to an interactive TTY and a little bit of reverse engineering.

• Nest Writeup (HackTheBox)

  🗓️ Published: 20 May 2020

  Reverse some binaries to decrypt some hashes. Also, never assume what you do and don't have access to.

• Admirer Writeup (HackTheBox)

  🗓️ Published: 22 May 2020

  Lots of enumeration, an information disclosure vulnerability, and a privilege escalation using Python.

• Resolute Writeup (HackTheBox)

  🗓️ Published: 30 May 2020

  LDAP enumeration, a little bit of "bruteforcing", some file system enumeration, and execution of a well documented privilege escalation technique related to DNS.

• Monteverde Writeup (HackTheBox)

  🗓️ Published: 11 Jun 2020

  Lazy administrators, classic enumeration, SQL recon, and learning cool stuff about Azure Active Directory.

• Sink Writeup (HackTheBox)

  🗓️ Published: 30 Sep 2021

  HTTP request smuggling and AWS. Learned so much from this box.