HTB: Delivery

Posted on 24 May 2021 in security • Tagged with security, boot2root, HTB, Linux, john • 4 min read

Delivery card

This is a writeup about a retired HacktheBox machine: Delivery created by ippsec and publish on January 9 2021. This box is classified as an easy machine. The user part involve to understand a process and exploit some functionnal flow. The root part implies enumeration and cracking somes hashes binary.


Continue reading

HTB: Laboratory

Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, linux, gitlab • 5 min read

Laboratory Card

This is a writeup about a retired HacktheBox machine: Laboratory publish on November 14, 2020 by 0xc45. This box is rated as an easy box. It implies mostly gitlab and a LFI vulnerability and an SUID binary.


Continue reading

HTB: Ready

Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, gitlab, docker • 4 min read

Ready card

This is a writeup about a retired HacktheBox machine: Ready published on December 12 2020 by bertolis This box is classified as a medium machine. This box implies an outdated gitlab server, a clear text password in a backup file and a docker container.


Continue reading

HTB: Time

Posted on 07 Apr 2021 in security • Tagged with security, boot2root, HTB, linux, jackson, deserialization • 3 min read

Time Card

This is a writeup about a retired HacktheBox machine: Time publish on October 24, 2020 by egotisticalSW and felamos . This box is rated as a medium box. It implies a hard foothold using Jackson and some Google fu. The root part is quit fast as there is a writable bash script running regularly as root.


Continue reading

HTB: Passage

Posted on 09 Mar 2021 in security • Tagged with security, boot2root, HTB, linux • 4 min read

Passage Card

This is a writeup about a retired HacktheBox machine: Passage publish on September 2, 2020 by ChefByzen. This box is rated as a medium box. It implies two public exploit and a shared SSH private key.


Continue reading

HTB: Academy

Posted on 28 Feb 2021 in security • Tagged with security, boot2root, HTB, Linux, laravel, composer • 5 min read

Academy card

This is a writeup about a retired HacktheBox machine: Academy created by egre55 and mrb3n and publish on November 7, 2020. This box is classified as an easy machine. The user part involve a public exploit and some enumeration. The root part implies enumeration and a sudo binary.


Continue reading

HTB: Doctor

Posted on 07 Feb 2021 in security • Tagged with security, boot2root, HTB, linux, SSTI, Splunk • 5 min read

Doctor card

This is a writeup about a retired HacktheBox machine: Doctor created by egotisticalSW and publish on September 26, 2020. This box is classified as an easy machine. The user part implied a server side template injection and finding a needle in a haystack. The root part required to use a Splunk exploit to elevate our privileges.


Continue reading

HTB: Omni

Posted on 07 Feb 2021 in security • Tagged with security, boot2root, HTB, Windows, IOT • 7 min read

Omni Card

This is a writeup about a retired HacktheBox machine: Omni publish on August 22, 2020 by egre55. This box is rated as easy box. I was mostly intrigue by the "Other" operating system. It implies some Google search, a RAT and SecureStrings.


Continue reading

HTB: OpenKeyS

Posted on 14 Dec 2020 in security • Tagged with security, boot2root, HTB, OpenBSD, CVE • 4 min read

openkeys card

This is a writeup about a retired HacktheBox machine: OpenKeys published on July 25 2020 by polarbearer and GibParadox This box is classified as a medium machine. This box implies an openBSD box with a check_auth exploit.


Continue reading

HTB: Sneakymailer

Posted on 03 Dec 2020 in security • Tagged with security, boot2root, HTB, linux, phishing, pypi • 6 min read

Sneakymailer Card

This is a writeup about a retired HacktheBox machine: Sneakymailer publish on July 11, 2020 by sulcud. This box is rated as a medium box. It implies some phishing, an IMAP server, a FTP server, Pypi and sudo.


Continue reading