HTB: Magic

Posted on 29 Aug 2020 in security • Tagged with security, boot2root, HTB, linux, Upload, SUID, SQLi • 6 min read

Magic card

This is a writeup about a retired HacktheBox machine: Magic publish by TRX on April 18 2020. This box is classified as a medium machine but is quit easy. It involves a basic SQL injection, a magic file upload and a SUID binary.


Continue reading

HTB: Book

Posted on 12 Jul 2020 in security • Tagged with security, boot2root, HTB, Linux, SQLi, XSS, logrotate, CVE • 5 min read

Book card

This is a writeup about a retired HacktheBox machine: Book This box is classified as a medium machine published on February the 22th 2020 by MrR3boot. It involves some XSS, an SQL truncation injection and a CVE on logrotate.


Continue reading

HTB: Jarvis

Posted on 10 Nov 2019 in security • Tagged with security, boot2root, HTB, SQLi, linux • 7 min read

Jarvis Card

This is a writeup about a retired HacktheBox machine: Jarvis. This box is rated as a medium box. It implies a dead end, some SQL injection, a homemade script and a SUID binary.


Continue reading