HTB

A collection of 46 posts

HackTheBox Writeup: Zetta

Zetta was a hard-rated box that had some interesting vulnerabilities. An unfinished dual-stack implementation was used to leak the IPv6 address of the server, which exposed an rsync service. Write access to

HackTheBox Writeup: RE

RE was a hard-rated box that was pretty challenging, with many steps. The initial foothold involved crafting a malicious OpenOffice document. The first part of privilege escalation required using a zipslip vulnerability

HackTheBox Writeup: Player

Player was a hard-rated machine and is probably my favorite machine thus far. This box was all about enumeration. Other than one thing that was a bit of a reach and kinda

HackTheBox Writeup: Jarvis

Jarvis was a medium-rated box that involved SQL injection for the initial foothold, followed by bash manipulation and service abuse to gain root. Nmap scan: I checked out 64999 first: There didn't

HackTheBox Writeup: Haystack

Haystack was an easy-rated Linux box that was a bit annoying to work with, as the machine was configured to use Spanish, but hey, people all over the world deal with that

HackTheBox Writeup: Writeup

Writeup was an easy-rated box - basic enumeration and exploitation for a foothold, then abusing a bad path configuration with lax write permissions to escalate privileges to root. Nmap scan: Webpage on