HTB: Buff

Posted on 22 Nov 2020 in security • Tagged with security, boot2root, HTB, Windows, chisel, cloudme • 4 min read

Buff card

This is a writeup about a retired HacktheBox machine: Buff published on July 18 2020 egotisticalSW This box is classified as an easy machine. The user part just require to exploit a CVE. The root part require first to pivot to access the box's internal services then exploit another CVE.


Continue reading

HTB: Tabby

Posted on 10 Nov 2020 in security • Tagged with security, boot2root, HTB, Linux, tomcat, zip, lxd, lxc, LFI • 7 min read

Tabby Card

This article is a writeup about a retired HacktheBox machine: Tabby publish on June 20 2020 by egree55. This box is rated as an easy box. The user part implies a Local File Inclusion (LFI) and the tomcat manager. The root part implies LXC/LXD (Linux kernel containment).


Continue reading

HTB: Remote

Posted on 10 Nov 2020 in security • Tagged with security, boot2root, HTB, windows, umbraco, teamviewer, metasploit, msfvenom • 6 min read

Remote card

This is a writeup about a retired HacktheBox machine: Remote published by mrb3n on Mars the 21th 2020. This box is a Windows machine classified as easy. It implies a NFS share, a vulnerable CMS, TeamViewer and a second unintended way towards root.


Continue reading

HTB: Blunder

Posted on 19 Oct 2020 in security • Tagged with security, boot2root, HTB, linux, cewl, bludit, sudo • 6 min read

Blunder Card

This is a writeup about a retired HacktheBox machine: Blunder. This box was created by egotisticalSW and publish on May 30, 2020. The box is rated as an easy box. It implies enumeration, generating a custom wordlist with cewl, using metasploit, cracking a password and a sudo vulnerability.


Continue reading

HTB: Cache

Posted on 10 Oct 2020 in security • Tagged with security, boot2root, HTB, Linux, openEMR, docker, memcache • 8 min read

Cache card

This is a writeup about a retired HacktheBox machine: Cache created by ASHacker and publish on May 9, 2020. This box is classified as a medium machine. The user part is the harder as it involve some enumeration, chaining two exploit for openEMR. The root part is quit easier as it was a simple "exploitation" the box's memcache and the docker permissions.


Continue reading

HTB: Admirer

Posted on 27 Sep 2020 in security • Tagged with security, boot2root, HTB, adminer, Linux, sudo • 5 min read

Admirer card

This is a writeup about a retired HacktheBox machine: Admirer created by polarbearer and GibParadox and publish on May 2, 2020. This box is classified as an easy machine. The user part implied a few enumeration and an adminer vulnerability. The root part implied a sudo permission with SETENV and a python script.


Continue reading

HTB: Magic

Posted on 29 Aug 2020 in security • Tagged with security, boot2root, HTB, linux, Upload, SUID, SQLi • 6 min read

Magic card

This is a writeup about a retired HacktheBox machine: Magic publish by TRX on April 18 2020. This box is classified as a medium machine but is quit easy. It involves a basic SQL injection, a magic file upload and a SUID binary.


Continue reading

HTB: Traceback

Posted on 19 Aug 2020 in security • Tagged with security, boot2root, HTB, linux • 4 min read

Traceback Card

This is a writeup about a retired HacktheBox machine: Traceback publish on Mars the 14th 2020 by Xh4H. This box is rated as easy box. It implies some Google search, a lua interpreter and a privilege escalation using the MOTD.


Continue reading

HTB: Cascade

Posted on 26 Jul 2020 in security • Tagged with security, boot2root, HTB, Windows, LDAP, VNC, AD Recycle bin • 7 min read

Cascade Card

This is a writeup about a retired HacktheBox machine: Cascade publish on Mars 28 2020 by VbScrub. This box is rated as medium box. It implies some LDAP search, some SMB shares, a VNC registry, some reverse engineering and the AD Recycle Bin.


Continue reading

HTB: Sauna

Posted on 22 Jul 2020 in security • Tagged with security, boot2root, HTB, Windows, impacket, enumeration • 7 min read

Sauna card

This is a writeup about a retired HacktheBox machine: Sauna published on February the 15th 2020 by egotisticalSW This box is classified as an easy machine. This box has a lot of similarities with forest: The user part require some smart enumeration. The second user also require to enumerate the box and the root part is a "simple" exploitation of the second user's privileges.


Continue reading