HTB: Backdoor

Posted on 25 Apr 2022 in security • Tagged with security, boot2root, HTB, wordpress, lfi, gdbserver, screen • 2 min read

Backdoor

This is a writeup about a retired HacktheBox machine: Backdoor publish on November 20, 2021 by hkabubaker17. This box is rated as an easy machine. It implies a wordpress plugin, a LFI, a gdbserver and a screen process.


Continue reading

HTB: Forge

Posted on 21 Jan 2022 in security • Tagged with security, boot2root, HTB, SSRF, LFI • 3 min read

Forge Card

This is a writeup about a retired HacktheBox machine: Forge publish on September 11, 2021 by NoobHacker9999. This box is rated as a medium machine but could be qualified as an easy medium :). It implies a SSRF and an LFI as well as some Python and a PDB.


Continue reading

HTB: Tabby

Posted on 10 Nov 2020 in security • Tagged with security, boot2root, HTB, Linux, tomcat, zip, lxd, lxc, LFI • 7 min read

Tabby Card

This article is a writeup about a retired HacktheBox machine: Tabby publish on June 20 2020 by egree55. This box is rated as an easy box. The user part implies a Local File Inclusion (LFI) and the tomcat manager. The root part implies LXC/LXD (Linux kernel containment).


Continue reading