HackTheBox Writeup: Sauna
Sauna was an easy rated Windows box with a focus on Active Directory. A list of users was generated from a website and AS-REP roasting was used to obtain a password hash. This
t3chnocat
HackTheBox Writeup: Book
Book was a very interesting medium rated Linux machine that introduced me to some new techniques. SQL Truncation was used to takeover the admin account in a web application. XSS was then used
HackTheBox Writeup: ForwardSlash
ForwardSlash was a hard rated Linux box where a LFI vulnerability on a file upload function found on a vhost was exploited with PHP wrappers to find creds that worked for SSH. A
HackTheBox Writeup: PlayerTwo
PlayerTwo was an insane rated Linux box that was a hell of a journey. I debated about doing this writeup because I got the root flag in an unintended way but hey, it's
HackTheBox Writeup: Servmon
ServMon was an easy rated Windows box that took me longer to solve than I expected given the rating. Sensitive files stored on an anonymous FTP server, a directory traversal vulnerability in a
HackTheBox Writeup: Monteverde
Monteverde was a medium difficulty Windows box in which lazy password practice combined with password spraying allowed access to a SMB share. An Azure XML file was found with another password which was