Recent posts

HackTheBox Writeup: Resolute

HackTheBox Writeup: Resolute

Resolute was a medium rated Windows machine in which LDAP was queried for a list of users and an initial account password. This password was sprayed across the found usernames for a shell.

HackTheBox Writeup: Obscurity

Obscurity was a medium rated Linux machine that required some fuzzing to find a hidden web directory containing a python file. This file was the source code for the web server and contained

HackTheBox Writeup: OpenAdmin

OpenAdmin was an easy rated Linux machine with a vulnerable version of OpenNetAdmin. A publicly available exploit got us remote code execution in a limited shell - this was converted into a proper

HackTheBox Writeup: Control

Control was a hard rated Windows machine that was a lot of work and very frustrating during the last part but I learned a ton of things as well. A HTTP header had

HackTheBox Writeup: Mango

Mango was a medium difficulty Linux machine in which a NoSQL injection was used to enumerate credentials for initial SSH access. A SUID java binary was then exploited to write to root's authorized_