  • HackTheBox - Magic

    0. Preface

    The SQL injection took me the longest to get past because I didn’t notice that Burp Suite gave a ‘302 Found’, as I was expecting the page to automatically redirect. Otherwise, this box is a pretty straightforward one.

    In this box, we will be tackling:

    1. SQL Injection to get login bypass
    2. Uploading “images” to get a reverse shell
    3. Using mysqldump to dump databases
    4. Exploiting the $PATH variable



  • VulnHub - eLection 1

    0. Preface

    Very straightforward machine. To be honest, a very easy machine too. Just requires some enumeration by sifting through the linpeas.sh output. Also, please update your Serv-U if it is still below 15.7.

    In this box, we will be tackling:

    1. Web server enumeration.
    2. More web server enumeration.
    3. Translating from binary to text.
    4. Abusing Serv-U 15.6 with SUID bit set.



  • HackTheBox - Traceback

    0. Preface

    A relatively easy box. Some lateral thinking and OSINT is required for the first section to get to user, but the rest of the box is pretty straightforward.

    In this box, we will be tackling:

    1. Further pwning a pwned website
    2. Using a Lua REPL compiler to pivot to another user
    3. Using MOTDs to get a root shell
