Scrambled is a hard-rated Windows machine from Hack The Box, and upon completion I got rank 1 in Sweden! My view on this box is unfairly skewed by the case for rank 1 making…
Carpediem is a hard-rated Linux machine from Hack The Box and probably one of the best, if not even the best, box I’ve done. This is a HUGE box with a lot of different…
Extension is a hard-rated Linux machine from Hack The Box. This is a very interesting machine that’s beautifully made, the attack surface is slim and there are a lot of…
UpDown is a medium-rated Linux machine from Hack The Box. Just like its name, this box has its Ups and Downs. The path to foothold was very fun and fairly easily solved using…
Vessel is a hard-rated Linux machine from Hack The Box. I really, really liked this box; it was straight to the point with no real rabbit holes. The path to both user and…
Moderators is a hard-rated Linux machine from Hack The Box. Doing this box about a month after release, it has a very low rating of only 2.6, and honestly I do agree.…
Faculty is a medium-rated Linux machine from Hack The Box. This is one of the most fun boxes I’ve done in a while, maybe due to the fact that I never got caught in any…
Shared is a medium-rated Linux machine from Hack The Box. Compared to the last few boxes I’ve done, this was a real smooth ride as we’re basically jumping from exploit to…
Health was an easy-rated Linux machine from Hack The Box, that later got bumped to medium. The initial foothold shows you a new unique way of attacking unreachable services…
Outdated is a medium-rated Windows machine from Hack The Box. With a release containing a massive unintended path (Zerologon), paired with huge stability issues, this box…
RedPanda is a very cute easy-rated Linux machine from Hack The Box. I can see why it’s rated as easy, but for someone with limited Java experience I found it a bit rough on…
StreamIO is a medium-rated Windows machine from HackTheBox. For me this box was quite slow to start where I had to put a lot of time and energy into fuzzing and manually…
Support is an easy-rated Windows machine from HackTheBox. Despite its easy rating we’ll touch on two major areas - Active Directory and Binary Exploitation/Analysis…
Trick is an easy-rated Linux machine from Hack The Box. For its rating it feels like this is a true ‘try harder’-type of box where you have to enumerate everything…
OpenSource is an easy-rated Linux machine from Hack The Box. As the name suggests we’re met with an OpenSource project that has overshared, making them vulnerable to…
Noter is a medium-rated machine from Hack The Box. Despite its medium rating I found this box to be very straightforward with few to no rabbit holes, and thus I…
Late is an easy-rated Linux machine from Hack The Box. In this box we’re met with one of my favorite exploit techniques - Server Side Template Injection (SSTI). The path…
Timelapse is an easy-rated Windows machine from Hack The Box. The box is quite realistic where you work your way to the initial foothold starting with some locked files on a…
RouterSpace is an easy-rated Linux machine from Hack The Box. It is very different from other boxes as we’re tasked with compromising a router APK file. Personally I found…
Paper is an easy-rated Linux machine from Hack The Box, themed around the TV show ‘The Office’. In true ‘The Office’ fashion we are met with Michael’s incompetence and…
Pandora is an easy-rated Linux machine from Hack The Box. On this machine we’re forced to think outside of the box, or even inside to be precise. We get a foothold almost…
Hancliffe is a hard-rated Windows machine from Hack The Box, and holy fuck is it hard! This is definitely one of the most challenging machines I’ve done, if not THE most…
Using a found password and username, the attacker enumerates Active Directory users. They crack a Kerberoastable user’s password and access SMB shares to find sensitive…
The Shibboleth box was vulnerable to an IPMI Cipher Zero bypass, revealing the Administrator password. Using it, access to Zabbix was gained, allowing command execution and…
The WordPress site had a directory traversal vulnerability in an ebook plugin allowing access to sensitive files and discovery of a running gdbserver, which was exploited…
Partial writeup.
NO WRITEUP AVAILABLE!
N/A
Partial writeup for root only.