HackTheBox Writeup: Writeup
Writeup was an easy rated box - basic enumeration and exploitation for a foothold then abusing a bad path configuration with lax write permissions to escalate privileges to root. Nmap scan: Webpage on
Writeup was an easy rated box - basic enumeration and exploitation for a foothold then abusing a bad path configuration with lax write permissions to escalate privileges to root. Nmap scan: Webpage on
Ghoul was a hard rated box and man did it deserve that rating! It was a devious machine with lots of layers, false leads and trolling. Despite it being very frustrating at times,
SwagShop was an easy rated box that was very straightforward. Enumerate, find Magento running, find and edit an exploit to access an admin panel, another exploit for a reverse shell, then an easy
Luke was a medium rated box which was quite accurate for me. As I come from a networking/sysadmin background, some of the web oriented stuff was very confusing to me but hey,
Bastion was a fairly easy Windows box that involved SAM files and a vulnerability in mRemoteNG. Nmap scan: Netbios is open so let's check out available shares: 'Backups' looks like a juicy target
This was quite a challenging box for me but I learned a lot about things. One of the things I love about HackTheBox is performing attacks I read about in the news, in