A collection of 17 posts

HackTheBox Writeup: Writeup

Writeup was an easy rated box - basic enumeration and exploitation for a foothold then abusing a bad path configuration with lax write permissions to escalate privileges to root. Nmap scan: Webpage on

HackTheBox Writeup: Ghoul

Ghoul was a hard rated box and man did it deserve that rating! It was a devious machine with lots of layers, false leads and trolling. Despite it being very frustrating at times,

HackTheBox Writeup: SwagShop

SwagShop was an easy rated box that was very straightforward. Enumerate, find Magento running, find and edit an exploit to access an admin panel, another exploit for a reverse shell, then an easy

HackTheBox Writeup: Luke

Luke was a medium rated box which was quite accurate for me. As I come from a networking/sysadmin background, some of the web oriented stuff was very confusing to me but hey,

HackTheBox Writeup: Bastion

Bastion was a fairly easy Windows box that involved SAM files and a vulnerability in mRemoteNG. Nmap scan: Netbios is open so let's check out available shares: 'Backups' looks like a juicy target