HTB: Ophiuchi

Posted on 05 Jul 2021 in security • Tagged with security, boot2root, HTB, Linux, YAML, deserialization, webassembly • 5 min read

Ophiuchi card

This is a writeup about a retired HacktheBox machine: Ophiuchi created by felamos and publish on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization as the root part involves webassembly binaries.


Continue reading

HTB: Time

Posted on 07 Apr 2021 in security • Tagged with security, boot2root, HTB, linux, jackson, deserialization • 3 min read

Time Card

This is a writeup about a retired HacktheBox machine: Time publish on October 24, 2020 by egotisticalSW and felamos . This box is rated as a medium box. It implies a hard foothold using Jackson and some Google fu. The root part is quit fast as there is a writable bash script running regularly as root.


Continue reading