Posted on 09 Aug 2021 in security • Tagged with security, boot2root, HTB, windows, php, AlwaysInstallElevated • 4 min read
This is a writeup about a retired HacktheBox machine: Love published on May 1 2021 by pwnmeow This box is classified as an easy machine. This box implies a SSRF, some php file and an AlwaysInstallElevated privilege on a Windows box.
Posted on 01 Aug 2021 in security • Tagged with security, boot2root, HTB, JWT, docker, CVE-2019-5736, CVE • 4 min read
This is a writeup about a retired HacktheBox machine: TheNotebook publish on Mars 6, 2021 by mostwanted002. This box is rated as a medium machine. It implies a JWT token, some PHP files and a docker exploit.
Posted on 26 Jul 2021 in security • Tagged with security, boot2root, HTB, linux, Drupalgeddon • 4 min read
This is a writeup about a retired HacktheBox machine:
Armageddon publish on
Mars 27, 2021 by
Bertolis.
This box is rated as an easy machine. It implies the drupalgeddon vulnerability
and some permissive sudo permissions.
Posted on 05 Jul 2021 in security • Tagged with security, boot2root, HTB, Linux, YAML, deserialization, webassembly • 5 min read
This is a writeup about a retired HacktheBox machine: Ophiuchi created by felamos and publish on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization as the root part involves webassembly binaries.
Posted on 07 Jun 2021 in security • Tagged with security, boot2root, HTB, msfvenom, nmap, msfconsole • 4 min read
This is a writeup about a retired HacktheBox machine: ScriptKiddie publish on February 6, 2021 by 0xdf. This box is rated as easy box the user part implies to use CVE-2020-7384, the root part is just abusing a bash script and using msfconsole.
Posted on 24 May 2021 in security • Tagged with security, boot2root, HTB, Linux, john • 4 min read
This is a writeup about a retired HacktheBox machine: Delivery created by ippsec and publish on January 9 2021. This box is classified as an easy machine. The user part involve to understand a process and exploit some functionnal flow. The root part implies enumeration and cracking somes hashes binary.
Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, linux, gitlab • 5 min read
This is a writeup about a retired HacktheBox machine: Laboratory publish on November 14, 2020 by 0xc45. This box is rated as an easy box. It implies mostly gitlab and a LFI vulnerability and an SUID binary.
Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, gitlab, docker • 4 min read
This is a writeup about a retired HacktheBox machine: Ready published on December 12 2020 by bertolis This box is classified as a medium machine. This box implies an outdated gitlab server, a clear text password in a backup file and a docker container.
Posted on 07 Apr 2021 in security • Tagged with security, boot2root, HTB, linux, jackson, deserialization • 3 min read
This is a writeup about a retired HacktheBox machine: Time publish on October 24, 2020 by egotisticalSW and felamos . This box is rated as a medium box. It implies a hard foothold using Jackson and some Google fu. The root part is quit fast as there is a writable bash script running regularly as root.
Posted on 09 Mar 2021 in security • Tagged with security, boot2root, HTB, linux • 4 min read
This is a writeup about a retired HacktheBox machine: Passage publish on September 2, 2020 by ChefByzen. This box is rated as a medium box. It implies two public exploit and a shared SSH private key.