Home

  • HackTheBox - Remote

    9a06155922ad0b0bd66483eca0332786.png

    0. Preface

    This is one of the first write-ups I have written, as well as one of the first boxes I completed, so the write-up quality may not match the previous few write-ups on this site.

    Pretty interesting box overall, nothing much to really write about here. Just some enumeration, some CVE exploits and that’s it.

    In this box, we will be tackling:

    1. Mounting and enumerating NFS shares
    2. Exploiting Umbraco for RCE
    3. Privilege escalation using TeamViewer 7

    Continue Reading...



  • VulnHub - GreenOptic 1

    311acdccb63fff89d426a2dde5eb467c.png

    0. Preface

    This box has tons of enumeration. Tons. Pretty interesting box in terms of what kind of enumeration and analysis you have to do, but honestly it’s nothing we haven’t seen before so far.

    In this box, we will be tackling:

    1. Reading files using LFI
    2. DNS zone transfers
    3. Decoding some Base64
    4. Wireshark PCAP Analysis

    Continue Reading...



  • HackTheBox - Quick

    3fc3502d18aa8a519950baa15b816a22.png

    0. Preface

    This box took a lot of time and a lot of tears. It definitely wasn’t quick at all.

    After how hard the rest of the box is, root is pretty brainless in comparison. Also, if you’re still running ESIGate 5.2 and below (or really, anything that is vulnerable to ESI injection), please update it.

    Gear up for the longest write-up I have written yet.

    In this box, we will be tackling:

    1. HTTP/3
    2. Guessing email addresses to password spray
    3. ESI injection
    4. Quickly symlinking files
    5. Reading some log files to root

    Continue Reading...