HackTheBox Writeup: Cache
Cache was a medium rated Linux box where enumerating a website found some hard-coded creds and a vhost that contained an Electronic Medical Records application. This EMR app had some SQL injection vulnerabilities
HTB
A collection of 46 posts
HackTheBox Writeup: Admirer
Admirer was an easy rated Linux machine that had a lot more steps than I expected, given the rating. A robots.txt file hinted at the presence of credentials which were found with
HackTheBox Writeup: Quick
Quick was a hard rated Linux box and man, did it earn that rating. A website was accessed via the QUIC protocol and a password was retrieved. A list of potential usernames was
HackTheBox Writeup: Magic
Magic was a medium rated Linux box that required you to find a hidden upload function then bypass its upload restrictions to execute code and catch a shell as www-data. From here, creds
HackTheBox Writeup: Traceback
Traceback was an easy rated Linux machine that required finding a webshell on an already pwned website, using it to upload a php reverse shell, then catching a shell as webadmin. From there,
HackTheBox Writeup: Cascade
Cascade was a medium rated Windows machine where a legacy password found in LDAP enabled access to SMB shares. In those shares were various files, one of which was a registry file containing