Posted on 08 Jan 2022 in security • Tagged with security, boot2root, HTB, PATH • 4 min read
This is a writeup about a retired HacktheBox machine: Previse publish on August 7, 2021 by m4lwhere. This box is rated as an easy machine. It implies a hidden page, a unsanitize variable, a funny salt and a relative PATH.
Posted on 28 Dec 2021 in security • Tagged with security, boot2root, HTB, XXE, php filter, python • 4 min read
This is a writeup about a retired HacktheBox machine: BountyHunter publish on July 25, 2021 by ejedev. This box is rated as an easy machine. It implies an XXE and some python.
Posted on 01 Nov 2021 in security • Tagged with security, boot2root, HTB, Android, exploit, adb • 3 min read
This is a writeup about a retired HacktheBox machine:
Explorer created by
bertolis and publish on
June 26, 2021.
This box is classified as an easy machine. The user part involves an Android
exploit for ES File Explorer and the root part a simple port forward and an adb shell.
Posted on 23 Oct 2021 in security • Tagged with security, boot2root, HTB, capabilities • 2 min read
This article is a writeup about a retired HacktheBox machine: Cap published on June 5, 2021 by InfoSecJack. This box is rated as easy box the user part implies to know a bit about array indexes and wireshark. The root part is quit easy and implies a binary capabilities.
Posted on 29 Aug 2021 in security • Tagged with security, boot2root, HTB, linux, php, chef • 3 min read
This is a writeup about a retired HacktheBox machine:
Knife published on
May 22 2021 by
MrKN16H
This box is classified as an easy machine. This box implies a PHP dev backdoor
and a misconfigured sudo permission for knife a
chef utility.
Posted on 09 Aug 2021 in security • Tagged with security, boot2root, HTB, windows, php, AlwaysInstallElevated • 4 min read
This is a writeup about a retired HacktheBox machine: Love published on May 1 2021 by pwnmeow This box is classified as an easy machine. This box implies a SSRF, some php file and an AlwaysInstallElevated privilege on a Windows box.
Posted on 01 Aug 2021 in security • Tagged with security, boot2root, HTB, JWT, docker, CVE-2019-5736, CVE • 4 min read
This is a writeup about a retired HacktheBox machine: TheNotebook publish on Mars 6, 2021 by mostwanted002. This box is rated as a medium machine. It implies a JWT token, some PHP files and a docker exploit.
Posted on 26 Jul 2021 in security • Tagged with security, boot2root, HTB, linux, Drupalgeddon • 4 min read
This is a writeup about a retired HacktheBox machine:
Armageddon publish on
Mars 27, 2021 by
Bertolis.
This box is rated as an easy machine. It implies the drupalgeddon vulnerability
and some permissive sudo permissions.
Posted on 05 Jul 2021 in security • Tagged with security, boot2root, HTB, Linux, YAML, deserialization, webassembly • 5 min read
This is a writeup about a retired HacktheBox machine: Ophiuchi created by felamos and publish on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization as the root part involves webassembly binaries.
Posted on 07 Jun 2021 in security • Tagged with security, boot2root, HTB, msfvenom, nmap, msfconsole • 4 min read
This is a writeup about a retired HacktheBox machine: ScriptKiddie publish on February 6, 2021 by 0xdf. This box is rated as easy box the user part implies to use CVE-2020-7384, the root part is just abusing a bash script and using msfconsole.