This box is a writeup about a retired HacktheBox machine: Cascade publish on Mars 28 2020 by VbScrub. This box is rated as medium box. It implies some LDAP search, some SMB shares, a VNC registry, some reverse engineering and the AD Recycle Bin.

This is a writeup about a retired HacktheBox machine: Sauna published on February the 15th 2020 by egotisticalSW This box is classified as an easy machine. This box has a lot of similarities with forest: The user part require some smart enumeration. The second user also require to enumerate the box and the root part is a "simple" exploitation of the second user's privileges.

This is a writeup about a retired HacktheBox machine: Book This box is classified as a medium machine published on February the 22th 2020 by MrR3boot. It involves some XSS, an SQL truncation injection and a CVE on logrotate.

This is a writeup about a retired HacktheBox machine: Forwardslash created by InfoSecJack and chivato publish on April 4, 2020. This box is classified as an hard machine. The user part inplies some enumeration a LFI, some PHP filter, a home made backup binary. The root part implies some home made crypto (don't) and a LUKS image.

This article is a writeup about a retired HacktheBox machine: ServMon publish on April 11 2020 by dmw0ng. This box is rated as an easy box. This box is really unstable and can be a pain as there is a lot of reset on public server. It implies an anonymous FTP, a Passwords.txt file and two exploits.

This is a writeup about a retired HacktheBox machine: Monteverde published on January the 11th 2020 by egre55. This box is classified as a medium machine. The user part is quit direct and easy and involve to enumerate a few basic services. The root part was harder for me as it is based on a specific issue with Azure AD and Password Hash Synchronisation.

This is a writeup about a retired HacktheBox machine: Nest This box is classified as an easy machine. It was publish on January the 25th by VbScrub. This box is a bit different that the other ones on HTB. Until the last step you never have a shell on the box (and none is needed to root it). All commands and enumeration are done on the SMB service. There is also a personnalized service HQK.

Getting user involve understanding a bit of cryptography (homemade combination of base64 and AES) but nothing too complexe.

Getting root required to decompile some .NET executable to get some parameter for the homemade encryption.

This box is a writeup about a retired HacktheBox machine: Resolute. This box was created by egre55 and publish on December the 7th 2019. The box is rated as a medium box. It implies a lot of enumeration and really interesting privilege escalation in Windows environment using DLL injection.

This is a writeup about a retired HacktheBox machine: Obscurity This box is classified as a medium machine. It was release on December the first 2019 by clubby789. It implies some enumeration and a lot of python.

This is a writeup about a retired HacktheBox machine: OpenAdmin created by dmw0ng and publish on January 4, 2020. This box is classified as an easy machine. The user part is longer than the root part and involve to find a vulnerable component, exploit it to get a shell, found the creds of an user able to connect using SSH then found another webservice to get the private SSH key of a second user. The root part is simply exploiting a sudo permission on nano to execute command.