This is a writeup about a retired HacktheBox machine: Explorer created by bertolis and publish on June 26, 2021. This box is classified as an easy machine. The user part involves an Android exploit for ES File Explorer and the root part a simple port forward and an adb shell.

This article is a writeup about a retired HacktheBox machine: Cap published on June 5, 2021 by InfoSecJack. This box is rated as easy box the user part implies to know a bit about array indexes and wireshark. The root part is quit easy and implies a binary capabilities.

A different kind of article about a game organized by the Bored Ape Yach Club a few weeks ago. The deal was to complete five levels of a difficult game to get a Proof of attendance token.

As a few weeks have pass since the end of the game I will share a few tips to win every time as the game is written in JavaScript.

The game is located at https://2dengine.com/mutantarcade/

Note: it seems that you are directly in the last level (5/5) using the link above. You can find an archive with the JS files here.

This is a writeup about a retired HacktheBox machine: Knife published on May 22 2021 by MrKN16H This box is classified as an easy machine. This box implies a PHP dev backdoor and a misconfigured sudo permission for knife a chef utility.

This is a writeup about a retired HacktheBox machine: Love published on May 1 2021 by pwnmeow This box is classified as an easy machine. This box implies a SSRF, some php file and an AlwaysInstallElevated privilege on a Windows box.

This box is a writeup about a retired HacktheBox machine: TheNotebook publish on Mars 6, 2021 by mostwanted002. This box is rated as a medium machine. It implies a JWT token, some PHP files and a docker exploit.

This box is a writeup about a retired HacktheBox machine: Armageddon publish on Mars 27, 2021 by Bertolis. This box is rated as an easy machine. It implies the drupalgeddon vulnerability and some permissive sudo permissions.

This is a writeup about a retired HacktheBox machine: Ophiuchi created by felamos and publish on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization as the root part involves webassembly binaries.

This box is a writeup about a retired HacktheBox machine: ScriptKiddie publish on February 6, 2021 by 0xdf. This box is rated as easy box the user part implies to use CVE-2020-7384, the root part is just abusing a bash script and using msfconsole.

This is a writeup about a retired HacktheBox machine: Delivery created by ippsec and publish on January 9 2021. This box is classified as an easy machine. The user part involve to understand a process and exploit some functionnal flow. The root part implies enumeration and cracking somes hashes binary.