BAYC: Mutant Ape game

Posted on 26 Sep 2021 in security • Tagged with security, reverse, javascript, cryptocurrency, NFT • 2 min read

A different kind of article, about a game organized by the Bored Ape Yacht Club a few weeks ago. The deal was to complete five levels of a difficult game to get a Proof of attendance token.

As a few weeks have passed since the end of the game, I will share a few tips to win every time, as the game is written in JavaScript.

The game is located at https://2dengine.com/mutantarcade/

Note: it seems that the link above takes you directly to the last level (5/5). You can find an archive with the JS files here.


HTB: Knife

Posted on 29 Aug 2021 in security • Tagged with security, boot2root, HTB, linux, php, chef • 3 min read

This is a writeup about a retired HackTheBox machine: Knife, published on May 22, 2021 by MrKN16H. This box is classified as an easy machine. It involves a PHP dev backdoor and a misconfigured sudo permission for knife, a Chef utility.


HTB: Love

Posted on 09 Aug 2021 in security • Tagged with security, boot2root, HTB, windows, php, AlwaysInstallElevated • 4 min read

This is a writeup about a retired HackTheBox machine: Love, published on May 1, 2021 by pwnmeow. This box is classified as an easy machine. It involves an SSRF, a PHP file and an AlwaysInstallElevated privilege on a Windows box.


HTB: The Notebook

Posted on 01 Aug 2021 in security • Tagged with security, boot2root, HTB, JWT, docker, CVE-2019-5736, CVE • 4 min read

This is a writeup about a retired HackTheBox machine: TheNotebook, published on March 6, 2021 by mostwanted002. This box is rated as a medium machine. It involves a JWT token, some PHP files and a Docker exploit.


HTB: Armageddon

Posted on 26 Jul 2021 in security • Tagged with security, boot2root, HTB, linux, Drupalgeddon • 4 min read

This is a writeup about a retired HackTheBox machine: Armageddon, published on March 27, 2021 by Bertolis. This box is rated as an easy machine. It involves the Drupalgeddon vulnerability and some permissive sudo permissions.


HTB: Ophiuchi

Posted on 05 Jul 2021 in security • Tagged with security, boot2root, HTB, Linux, YAML, deserialization, webassembly • 5 min read

This is a writeup about a retired HackTheBox machine: Ophiuchi, created by felamos and published on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization, while the root part involves WebAssembly binaries.


HTB: ScriptKiddie

Posted on 07 Jun 2021 in security • Tagged with security, boot2root, HTB, msfvenom, nmap, msfconsole • 4 min read

This is a writeup about a retired HackTheBox machine: ScriptKiddie, published on February 6, 2021 by 0xdf. This box is rated as an easy box. The user part involves using CVE-2020-7384; the root part is just abusing a bash script and using msfconsole.


HTB: Delivery

Posted on 24 May 2021 in security • Tagged with security, boot2root, HTB, Linux, john • 4 min read

This is a writeup about a retired HackTheBox machine: Delivery, created by ippsec and published on January 9, 2021. This box is classified as an easy machine. The user part involves understanding a process and exploiting some functional flow. The root part involves enumeration and cracking some hashes.


HTB: Laboratory

Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, linux, gitlab • 5 min read

This is a writeup about a retired HackTheBox machine: Laboratory, published on November 14, 2020 by 0xc45. This box is rated as an easy box. It mostly involves GitLab, an LFI vulnerability and an SUID binary.


HTB: Ready

Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, gitlab, docker • 4 min read

This is a writeup about a retired HackTheBox machine: Ready, published on December 12, 2020 by bertolis. This box is classified as a medium machine. It involves an outdated GitLab server, a cleartext password in a backup file and a Docker container.

