Posted on 29 Aug 2021 in security • Tagged with security, boot2root, HTB, linux, php, chef • 3 min read
This is a writeup about a retired HacktheBox machine:
Knife published on
May 22 2021 by
MrKN16H
This box is classified as an easy machine. This box implies a PHP dev backdoor
and a misconfigured sudo permission for knife a
chef utility.
Posted on 26 Jul 2021 in security • Tagged with security, boot2root, HTB, linux, Drupalgeddon • 4 min read
This is a writeup about a retired HacktheBox machine:
Armageddon publish on
Mars 27, 2021 by
Bertolis.
This box is rated as an easy machine. It implies the drupalgeddon vulnerability
and some permissive sudo permissions.
Posted on 05 Jul 2021 in security • Tagged with security, boot2root, HTB, Linux, YAML, deserialization, webassembly • 5 min read
This is a writeup about a retired HacktheBox machine: Ophiuchi created by felamos and publish on February 13, 2021. This box is classified as a medium machine. The user part involves YAML and deserialization as the root part involves webassembly binaries.
Posted on 24 May 2021 in security • Tagged with security, boot2root, HTB, Linux, john • 4 min read
This is a writeup about a retired HacktheBox machine: Delivery created by ippsec and publish on January 9 2021. This box is classified as an easy machine. The user part involve to understand a process and exploit some functionnal flow. The root part implies enumeration and cracking somes hashes binary.
Posted on 16 May 2021 in security • Tagged with security, boot2root, HTB, linux, gitlab • 5 min read
This is a writeup about a retired HacktheBox machine: Laboratory publish on November 14, 2020 by 0xc45. This box is rated as an easy box. It implies mostly gitlab and a LFI vulnerability and an SUID binary.
Posted on 07 Apr 2021 in security • Tagged with security, boot2root, HTB, linux, jackson, deserialization • 3 min read
This is a writeup about a retired HacktheBox machine: Time publish on October 24, 2020 by egotisticalSW and felamos . This box is rated as a medium box. It implies a hard foothold using Jackson and some Google fu. The root part is quit fast as there is a writable bash script running regularly as root.
Posted on 09 Mar 2021 in security • Tagged with security, boot2root, HTB, linux • 4 min read
This is a writeup about a retired HacktheBox machine: Passage publish on September 2, 2020 by ChefByzen. This box is rated as a medium box. It implies two public exploit and a shared SSH private key.
Posted on 28 Feb 2021 in security • Tagged with security, boot2root, HTB, Linux, laravel, composer • 5 min read
This is a writeup about a retired HacktheBox machine:
Academy created by
egre55 and
mrb3n and publish on
November 7, 2020.
This box is classified as an easy machine. The user part involve a public
exploit and some enumeration. The root part implies enumeration and a sudo
binary.
Posted on 07 Feb 2021 in security • Tagged with security, boot2root, HTB, linux, SSTI, Splunk • 5 min read
This is a writeup about a retired HacktheBox machine: Doctor created by egotisticalSW and publish on September 26, 2020. This box is classified as an easy machine. The user part implied a server side template injection and finding a needle in a haystack. The root part required to use a Splunk exploit to elevate our privileges.
Posted on 03 Dec 2020 in security • Tagged with security, boot2root, HTB, linux, phishing, pypi • 6 min read
This is a writeup about a retired HacktheBox machine: Sneakymailer publish on July 11, 2020 by sulcud. This box is rated as a medium box. It implies some phishing, an IMAP server, a FTP server, Pypi and sudo.