Posts with label "HTB"

HTB: Resolute

Resolute Card

This box is a writeup about a retired HacktheBox machine: Resolute. This box was created by egre55 and publish on December the 7th 2019. The box is rated as a medium box. It implies a lot of enumeration and really interesting privilege escalation in Windows environment using DLL injection.

HTB: OpenAdmin

OpenAdmin card

This is a writeup about a retired HacktheBox machine: OpenAdmin created by dmw0ng and publish on January 4, 2020. This box is classified as an easy machine. The user part is longer than the root part and involve to find a vulnerable component, exploit it to get a shell, found the creds of an user able to connect using SSH then found another webservice to get the private SSH key of a second user. The root part is simply exploiting a sudo permission on nano to execute command.

HTB: Bitlab

Bitlab Card

This box is a writeup about a retired HacktheBox machine: Bitlab. This box is rated as a medium box. It implies a gitlab, a user, some enumeration, a PostgreSQL database, some pain with a b64 password and some basic reverse engineering on a Windows binary.

If you just want to play with the binary: it is available in the "RemoteConnection.exe" part.

HTB: Craft

Craft card

This is a writeup about a retired HacktheBox machine: Craft This box is classified as a medium machine. The user part is quit long and involve to find "secrets" in a git repository, access an API to get a reverse shell and manipulate a MySQL database in a jailed environment. The root part is quit easier and involve to interact with a vault instance.