HTB: Pandora

Posted on 25 May 2022 in security • Tagged with security, boot2root, HTB, suid, snmp, pandora • 5 min read

Pandora Card

This box is a writeup about a retired HacktheBox machine: Pandora publish on January 8, 2022 by TheCyberGeek and dmw0ng. This box is rated as an easy machine. It implies an UDP service, a localy exposed vulnerable application and an SUID binary.


Continue reading

HTB: Magic

Posted on 29 Aug 2020 in security • Tagged with security, boot2root, HTB, linux, Upload, SUID, SQLi • 6 min read

Magic card

This is a writeup about a retired HacktheBox machine: Magic publish by TRX on April 18 2020. This box is classified as a medium machine but is quit easy. It involves a basic SQL injection, a magic file upload and a SUID binary.


Continue reading

HTB: Mango

Posted on 19 Apr 2020 in security • Tagged with security, boot2root, HTB, NoSQL, SUID, linux • 6 min read

Mango card

This is a writeup about a retired HacktheBox machine: Mango publish by MrR3boot on October 26 2019. This box is classified as a medium machine. It involves a interesting NoSQL injection and a SUID binary.


Continue reading

HTB: Registry

Posted on 04 Apr 2020 in security • Tagged with security, boot2root, linux, HTB, docker, bolt CMS, restic, SUID • 13 min read

Jarvis Card

This is a writeup about a retired HacktheBox machine: Registry. This box is rated as a hard box. It was release on October 19 by thek. It implies a few rabbit holes, the Docker registry API, the Bolt CMS, and the SUID binary restic.


Continue reading

HTB: Wall

Posted on 07 Dec 2019 in security • Tagged with security, boot2root, HTB, bruteforce, centreon, WAF, bypass, SUID, screen, linux • 5 min read

Wall Card

This is a writeup about a retired HacktheBox machine: Wall. This box is rated as a medium box. It implies a lot of frustration, some bruteforce, an centreon exploit with a WAF bypass and the exploitation of a SUID screen.


Continue reading