HTB: Forwardslash

Posted on 07 Jul 2020 in security • Tagged with security, boot2root, HTB, openAdmin, Linux • 9 min read

Forwardslash card

This is a writeup about a retired HacktheBox machine: Forwardslash created by InfoSecJack and chivato publish on April 4, 2020. This box is classified as an hard machine. The user part inplies some enumeration a LFI, some PHP filter, a home made backup binary. The root part implies some home made crypto (don't) and a LUKS image.


Continue reading

HTB: OpenAdmin

Posted on 04 May 2020 in security • Tagged with security, boot2root, HTB, openAdmin, sudo, nano • 6 min read

OpenAdmin card

This is a writeup about a retired HacktheBox machine: OpenAdmin created by dmw0ng and publish on January 4, 2020. This box is classified as an easy machine. The user part is longer than the root part and involve to find a vulnerable component, exploit it to get a shell, found the creds of an user able to connect using SSH then found another webservice to get the private SSH key of a second user. The root part is simply exploiting a sudo permission on nano to execute command.


Continue reading