This is a writeup about a retired HacktheBox machine: Admirer created by polarbearer and GibParadox and publish on May 2, 2020. This box is classified as an easy machine. The user part implied a few enumeration and an adminer vulnerability. The root part implied a sudo permission with SETENV and a python script.

This is a writeup about a retired HacktheBox machine: Magic publish by TRX on April 18 2020. This box is classified as a medium machine but is quit easy. It involves a basic SQL injection, a magic file upload and a SUID binary.

This is a writeup about a retired HacktheBox machine: Traceback publish on Mars the 14th 2020 by Xh4H. This box is rated as easy box. It implies some Google search, a lua interpreter and a privilege escalation using the MOTD.

This is a writeup about a vulnhub machine InfoSec Prep This box is an really easy box in order to make a small selection for entering a give away for a 30d voucher to the OSCP Lab, Lab materials, and an exam attempt. The box was created by FalconSpy and publish on July 11 2020. It involves a robots.txt file, some base64 an SSH key, lxd and a SUID binary.

This is a writeup about a retired HacktheBox machine: Cascade publish on Mars 28 2020 by VbScrub. This box is rated as medium box. It implies some LDAP search, some SMB shares, a VNC registry, some reverse engineering and the AD Recycle Bin.

This is a writeup about a retired HacktheBox machine: Sauna published on February the 15th 2020 by egotisticalSW This box is classified as an easy machine. This box has a lot of similarities with forest: The user part require some smart enumeration. The second user also require to enumerate the box and the root part is a "simple" exploitation of the second user's privileges.

This is a writeup about a retired HacktheBox machine: Book This box is classified as a medium machine published on February the 22th 2020 by MrR3boot. It involves some XSS, an SQL truncation injection and a CVE on logrotate.

This is a writeup about a retired HacktheBox machine: Forwardslash created by InfoSecJack and chivato publish on April 4, 2020. This box is classified as an hard machine. The user part inplies some enumeration a LFI, some PHP filter, a home made backup binary. The root part implies some home made crypto (don't) and a LUKS image.

This article is a writeup about a retired HacktheBox machine: ServMon publish on April 11 2020 by dmw0ng. This box is rated as an easy box. This box is really unstable and can be a pain as there is a lot of reset on public server. It implies an anonymous FTP, a Passwords.txt file and two exploits.

This is a writeup about a retired HacktheBox machine: Monteverde published on January the 11th 2020 by egre55. This box is classified as a medium machine. The user part is quit direct and easy and involve to enumerate a few basic services. The root part was harder for me as it is based on a specific issue with Azure AD and Password Hash Synchronisation.