Posts with label "HTB"

HTB: Ellingson

Ellingson card

This is a writeup about a retired HacktheBox machine: Ellingson This box is classified as a hard machine. The user is not too hard to get as it require to know python and password's cracking. The root part is really hard as this require the exploitation of a ROP buffer overflow.

Note: if you just want to play with the buffer overflow, the binary is avlaible on this site, just go to the "Analysing the Buffer Overflow" section

HTB: Writeup

Writeup Card

This article is a writeup about a retired HacktheBox machine: Writeup. (Yes the machine name is writeup, searching a writeup for writeup will be a funny thing.). The machine is classed as an easy one. It involves vulnerability in a known CMS as well as "PATH vulnerability" for the privilege escalation.

HTB: Swagshop

Swagshop Card

This article is a writeup about a retired HacktheBox machine: Swagshop This box was suppose to be an easy one. Turns out it wasn't. I struggle a lot in wrong direction and finally found a path to root this magento box.

This article presents the different methods which failed on the box as well as the solution to root it.