Recent posts

HackTheBox Writeup: ForwardSlash

HackTheBox Writeup: ForwardSlash

ForwardSlash was a hard rated Linux box where a LFI vulnerability on a file upload function found on a vhost was exploited with PHP wrappers to find creds that worked for SSH. A

HackTheBox Writeup: PlayerTwo

HackTheBox Writeup: PlayerTwo

PlayerTwo was an insane rated Linux box that was a hell of a journey. I debated about doing this writeup because I got the root flag in an unintended way but hey, it's

HackTheBox Writeup: Servmon

HackTheBox Writeup: Servmon

ServMon was an easy rated Windows box that took me longer to solve than I expected given the rating. Sensitive files stored on an anonymous FTP server, a directory traversal vulnerability in a

HackTheBox Writeup: Monteverde

HackTheBox Writeup: Monteverde

Monteverde was a medium difficulty Windows box in which lazy password practice combined with password spraying allowed access to a SMB share. An Azure XML file was found with another password which was

HackTheBox Writeup: Resolute

HackTheBox Writeup: Resolute

Resolute was a medium rated Windows machine in which LDAP was queried for a list of users and an initial account password. This password was sprayed across the found usernames for a shell.