t3chnocat

57 posts
RSS
HackTheBox Writeup: Quick

HackTheBox Writeup: Quick

Quick was a hard rated Linux box and man, did it earn that rating. A website was accessed via the QUIC protocol and a password was retrieved. A list of potential usernames was

HackTheBox Writeup: Magic

HackTheBox Writeup: Magic

Magic was a medium rated Linux box that required you to find a hidden upload function then bypass its upload restrictions to execute code and catch a shell as www-data. From here, creds

HackTheBox Writeup: Traceback

HackTheBox Writeup: Traceback

Traceback was an easy rated Linux machine that required finding a webshell on an already pwned website, using it to upload a php reverse shell, then catching a shell as webadmin. From there,

HackTheBox Writeup: Cascade

HackTheBox Writeup: Cascade

Cascade was a medium rated Windows machine where a legacy password found in LDAP enabled access to SMB shares. In those shares were various files, one of which was a registry file containing

HackTheBox Writeup: Sauna

HackTheBox Writeup: Sauna

Sauna was an easy rated Windows box with a focus on Active Directory. A list of users was generated from a website and AS-REP roasting was used to obtain a password hash. This